Comment suprimer Gibmed.B.3????

Coks

31 Janvier 2010 02:14:01

Bonjour, donc voila, j'ai un petit virus sur mon pc se nommant Gibmed.B.3 (c'est d'ailleur pas le seul virus que j'ai).
Je galere un peu a la virer.
en lisant un autre sujet sur ce forum, mais malheuresement pas achevé, j'ai pris l'initiative d'installer Malwarebytes', et de faire une analyse (voir reponse ci-desous)
Pouvez vous m'aidez a m'en débarasser?
Merci d'avance.

Autres pages sur : suprimer gibmed

| Etre averti des réponses
| Alerter

Répondre à Coks

Coks

31 Janvier 2010 02:14:45

voici l'analyse faite avec Malwarebytes': (a la suite de quoi j'ai suprimé la quarantaine et est redemarer le system)

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3665
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

31/01/2010 03:09:37
mbam-log-2010-01-31 (03-09-37).txt

Type de recherche: Examen rapide
Eléments examinés: 130323
Temps écoulé: 7 minute(s), 11 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 10
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 15

Processus mémoire infecté(s):
C:\Users\PARENTS\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Unloaded process successfully.
C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{1d4db7d3-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c14e6230-757d-4246-81ce-b34e2940c722} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winsvc (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\BIFROST1.2 (Backdoor.Bifrose) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\IGB (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\softwarehelper (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winusr (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bend logo clock film (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\ProgramData\Frag great bend logo (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\POL (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate (Adware.Gibmedia) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Users\PARENTS\Local Settings\Application Data\symsu_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\PARENTS\Local Settings\Application Data\symsu_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\PARENTS\Local Settings\Application Data\symsu.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\PARENTS\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-1908288780-3657467650-1890825559-1001\$RE99ND2.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\ProgramData\Frag great bend logo\Love Play.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\POL\akv.cfg (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\POL\key.bin (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\POL\POL.001 (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\POL\POL.002 (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\POL\POL.005 (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\POL\POL.009 (PUP.ArdamaxKeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\minftnet.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\PARENTS\AppData\Local\Temp\mspass.exe (HackTool.Agent) -> Quarantined and deleted successfully.

| Alerter

Répondre à Coks

Destrio5

31 Janvier 2010 09:09:04

Bonjour,

Relance MBAM, va dans Quarantaine et supprime tout.

Désactive l'UAC le temps de la désinfection.

Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

/!\ Déconnecte-toi et ferme toutes applications en cours /!\

Double-clique sur AD-R situé sur ton Bureau pour le lancer.
(Sous Vista, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)

Choisis la langue F pour français.

Au menu principal, choisis l'option L.

/!\ Laisse travailler l'outil /!\

Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Kaspersky, etc.) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.

| Alerter

Répondre à Destrio5

Coks

31 Janvier 2010 12:57:25

Merci a toi Destrio5
résultat de l'analyse de Ad-Remover:

.
======= RAPPORT D'AD-REMOVER 1.1.4.6_J | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 29.01.2010 à 16:43
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 13:39:25, 31/01/2010 | Mode Normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ HomePremium Service Pack 2 v6.0.6001
Nom du PC: XXXXX | Utilisateur actuel: PARENTS
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
Service: *ASKService*
Service: *ASKUpgrade*

C:\Users\PARENTS\AppData\Roaming\Mozilla\FireFox\Profiles\mhn84evu.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Poker
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Games-Attack
C:\Program Files\AGI
C:\Program Files\AskBarDis
C:\Program Files\Everest Poker
C:\Program Files\Games-Attack
C:\Program Files\vmntoolbar
C:\Users\PARENTS\AppData\Roaming\Desktopicon
C:\Users\PARENTS\AppData\Roaming\EoRezo
C:\Users\PARENTS\AppData\Roaming\Games-Attack
C:\Users\PARENTS\AppData\Roaming\ItsLabel
C:\Users\PARENTS\AppData\LocalLow\vmntoolbar
C:\ProgramData\Games-Attack
C:\ProgramData\Trymedia
C:\Users\PARENTS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ebay.lnk
C:\Users\PARENTS\AppData\Roaming\MICROS~1\Windows\STARTM~1\Ebay.lnk
C:\Users\BENJAMIN\AppData\Local\Temp\AskBarDis
C:\Users\BENJAMIN\AppData\Local\Temp\Low\AskBarDis
C:\Users\BENJAMIN\AppData\Local\VirtualStore\Program Files\InternetGameBox
C:\Users\BENJAMIN\AppData\LocalLow\VMNTOOLBAR
C:\Users\laurie\Desktop\trucs ki servent a rien\Everest Poker.lnk
C:\Users\Public\Desktop\Everest Poker.lnk
C:\Users\PARENTS\AppData\Local\ygguoyw.bat

(!) -- Fichiers temporaires supprimés.

.
HKCU\software\appdatalow\AskBarDis
HKCU\software\appdatalow\software\VMNTOOLBAR
HKCU\software\EoRezo
HKCU\software\Games-Attack
HKCU\software\Grand Virtual
HKCU\software\ItsLabel
HKCU\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\software\appdatalow\AskBarDis
HKLM\software\classes\AskIBar.PopSwatterBarButton
HKLM\software\classes\AskIBar.PopSwatterBarButton.1
HKLM\software\classes\AskIBar.PopSwatterSettingsControl
HKLM\software\classes\AskIBar.PopSwatterSettingsControl.1
HKLM\software\classes\AskToolBar.SettingsPlugin
HKLM\software\classes\AskToolBar.SettingsPlugin.1
HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
HKLM\Software\Classes\CLSID\{A057A204-BACC-4D26-8287-79A187E26987}
HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
HKLM\Software\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
HKLM\software\classes\vmntoolbar.VMNTOOLBAR
HKLM\software\Games-Attack
HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder
HKLM\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}
HKLM\software\microsoft\windows\currentversion\uninstall\Ask Toolbar_is1
HKLM\software\microsoft\windows\currentversion\uninstall\Everest Poker
HKLM\software\microsoft\windows\currentversion\uninstall\SoftwareUpdate_is1
HKLM\software\microsoft\windows\currentversion\uninstall\vmntoolbar
HKLM\software\microsoft\windows\currentversion\uninstall\ygguoyw
HKLM\software\Trymedia Systems
HKU\.default\software\EoRezo
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.7 [fr] *
.
Nom du profil: mhn84evu.default (PARENTS)
.
(PARENTS, Invalidprefs.js) Browser.download.dir, C:\Users\PARENTS\Downloads
(PARENTS, Invalidprefs.js) Browser.search.defaultenginename, Google
(PARENTS, Invalidprefs.js) Browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
(PARENTS, Invalidprefs.js) Browser.search.selectedEngine, Google
(PARENTS, Invalidprefs.js) Browser.startup.homepage, hxxp://y.lo.st
(PARENTS, Invalidprefs.js) Extensions.enabledItems, {bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}:1.5.46.5,{3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20080730W,{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10,{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:10.1.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.4
.
(PARENTS, Invalidprefs.js) EFFACE - Browser.startup.homepage, hxxp://y.lo.st
.
(PARENTS, prefs.js) Browser.download.dir, C:\Users\PARENTS\Downloads
(PARENTS, prefs.js) Browser.search.defaultenginename, Google
(PARENTS, prefs.js) Browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
(PARENTS, prefs.js) Browser.search.selectedEngine, Google
(PARENTS, prefs.js) Browser.startup.homepage, hxxp://y.lo.st
(PARENTS, prefs.js) Extensions.enabledItems, {71328583-3CA7-4809-B4BA-570A85818FBB}:0.5,{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1,{3112ca9c-de6d-4884-a869-9855de68056c}:6.1.20091216W,{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{20a82645-c095-46ed-80e3-08825760534b}:1.1,personas@christopher.beard:1.5,{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:10.1.0,{E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7
.
(PARENTS, prefs.js) EFFACE - Browser.startup.homepage, hxxp://y.lo.st
.
.
* Internet Explorer Version 7.0.6001.18000 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Enable Browser Extensions: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
Use Custom Search URL: 1 (0x1)
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Enable Browser Extensions: yes
Use Search Asst: no
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Users\PARENTS\AppData\Roaming\BitTorrent\FARCRY 2 + CRACK.torrent
C:\Users\PARENTS\Desktop\ACCESSOIRES\Patch MsnCreative WLM 8.5 final[www.msncreative.net].exe
C:\Users\PARENTS\Desktop\ACCESSOIRES\Rapidshare Database Searcher\Rapidshare Database Searcher\keygen.exe
C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me (tuto2)\CrackmeDaube.exe
C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me daube(tuto1)\CrackmeDaube.exe
C:\Users\PARENTS\Desktop\truc a joan\Winrar pro\keygen.exe
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2\ARCHPR.EXE
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2\setup.exe
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\Script MSN\script msn 2\patch.exe
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\patchv2[1]\patch.exe
C:\Users\PARENTS\Favorites\..CRACKWEB...url
C:\Users\PARENTS\Favorites\video Hack MSN Script By Seboss ! By Nicos11 - habbo, hacking, cracking - videos wideo.url
C:\Users\TOKEN\Downloads\eMule\Incoming\mes logiciels\Virtual DJ Studio 4.6\Crack\virtualdj.exe
.
===================================
.
9177 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
522 Fichier(s) - C:\Users\PARENTS\AppData\Local\Temp
31 Fichier(s) - C:\Windows\Temp
10 Fichier(s) - C:\Windows\Prefetch
.
20 Fichier(s) - C:\Ad-Remover\BACKUP
1229 Fichier(s) - C:\Ad-Remover\QUARANTINE
.
Fin à: 13:46:43 | 31/01/2010 - CLEAN[1]
.
============== E.O.F ==============
.

| Alerter

Répondre à Coks

Destrio5

31 Janvier 2010 13:22:53

Désinstalle Ad-Remover.

Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

Clique sur Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\Rsit.

| Alerter

Répondre à Destrio5

Coks

31 Janvier 2010 19:51:57

contenu de log.txt:

Logfile of random's system information tool 1.06 (written by random/random)
Run by PARENTS at 2010-01-31 20:39:11
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 61 GB (26%) free of 233 GB
Total RAM: 2046 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:39:56, on 31/01/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Windows\V0420Mon.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\Users\PARENTS\AppData\Local\Clavier+\Clavier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\eMule2\emule.exe
C:\Program Files\Opera\opera.exe
C:\Users\PARENTS\AppData\Local\Opera\Opera\profile\cache4\temporary_download\RSIT.exe
C:\Program Files\trend micro\PARENTS.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-8287-79A187E26987} - (no file)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam2\Steam.exe" -silent
O4 - HKCU\..\Run: [Clavier+] C:\Users\PARENTS\AppData\Local\Clavier+\Clavier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [program defy] "C:\ProgramData\LongDashDash.bqsdus"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Program Files\Opera\Program\Plugins\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/Gam...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://11lolori11.spaces.live.com/PhotoUpload/VistaMsnP...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe

--
End of file - 12783 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{A31F4002-238A-45B7-A55A-161B716BEBE1}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6b284373-1765-4464-a587-80fbc2b2eefa}]
LphantBar Toolbar - C:\Program Files\LphantBar\tbLpha.dll [2008-09-15 1784856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-02-12 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-02-12 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-02-12 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]
{6b284373-1765-4464-a587-80fbc2b2eefa} - LphantBar Toolbar - C:\Program Files\LphantBar\tbLpha.dll [2008-09-15 1784856]
{A057A204-BACC-4D26-8287-79A187E26987}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-02-12 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"V0420Mon.exe"=C:\Windows\V0420Mon.exe [2007-04-30 32768]
"RegistryMechanic"= []
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-29 4317184]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-05-28 570664]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-24 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2010-01-31 323392]
"Speech Recognition"=C:\Windows\Speech\Common\sapisvr.exe [2008-01-19 49664]
"Steam"=C:\Program Files\Steam2\Steam.exe [2009-10-28 1217808]
"Clavier+"=C:\Users\PARENTS\AppData\Local\Clavier+\Clavier.exe [2007-10-21 88576]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"program defy"=C:\ProgramData\LongDashDash.bqsdus [2009-12-03 311312]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2009-10-09 25623336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Program Files\Opera\Program\Plugins\NPSWF32_FlashUtil.exe [2009-07-18 257440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnumanLive]
C:\Users\PARENTS\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe [2007-10-30 347136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Live! Cam Manager]
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [2007-06-07 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwhypbpydz]
c:\users\parents\appdata\local\mwhypbpydz.exe mwhypbpydz []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files\Spyware Doctor\SDTrayApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
C:\Program Files\Shareaza\Shareaza.exe -tray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-24 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2009-02-27 542096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
C:\PROGRA~1\Google\GOOGLE~2\GOOGLE~1.EXE [2008-10-10 161264]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\PARENTS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Club Internet.lnk - C:\Program Files\Club-Internet\Lanceur\lanceur.exe
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"RunStartupScriptSync"=1
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"RunStartupScriptSync"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c27af1b-ac0b-11dc-a2d0-001a922cce5e}]
shell\AutoRun\command - L:\usb\run.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4b2f128-51a5-11dc-bd95-806e6f6e6963}]
shell\AutoRun\command - F:\autorun.bat

======List of files/folders created in the last 1 months======

2010-01-31 20:39:12 ----D---- C:\Program Files\trend micro
2010-01-31 20:39:11 ----D---- C:\rsit
2010-01-31 13:36:20 ----D---- C:\Ad-Remover
2010-01-31 03:00:06 ----D---- C:\Users\PARENTS\AppData\Roaming\Malwarebytes
2010-01-31 02:59:57 ----D---- C:\ProgramData\Malwarebytes
2010-01-31 02:59:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-22 10:56:57 ----A---- C:\Windows\system32\wininet.dll
2010-01-22 10:56:57 ----A---- C:\Windows\system32\occache.dll
2010-01-22 10:56:57 ----A---- C:\Windows\system32\mshtml.dll
2010-01-22 10:56:56 ----A---- C:\Windows\system32\urlmon.dll
2010-01-22 10:56:55 ----A---- C:\Windows\system32\ieframe.dll
2010-01-22 10:56:54 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-22 10:56:54 ----A---- C:\Windows\system32\iertutil.dll
2010-01-22 10:56:54 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-22 10:56:54 ----A---- C:\Windows\system32\ieapfltr.dll
2010-01-22 10:56:53 ----A---- C:\Windows\system32\mstime.dll
2010-01-22 10:56:53 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-22 10:56:53 ----A---- C:\Windows\system32\iepeers.dll
2010-01-22 10:56:53 ----A---- C:\Windows\system32\ieencode.dll
2010-01-22 10:56:53 ----A---- C:\Windows\system32\ieaksie.dll
2010-01-22 10:56:52 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-19 13:56:49 ----D---- C:\Program Files\IDoser v4
2010-01-13 09:49:03 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 09:49:03 ----A---- C:\Windows\system32\fontsub.dll
2010-01-11 13:50:33 ----D---- C:\Users\PARENTS\AppData\Roaming\PhotoFiltre
2010-01-11 13:50:28 ----D---- C:\Program Files\PhotoFiltre
2010-01-11 13:48:27 ----A---- C:\Windows\Instaler Setup Log.txt
2010-01-05 16:39:25 ----D---- C:\Rummy Royal

======List of files/folders modified in the last 1 months======

2010-01-31 20:39:24 ----D---- C:\Windows\Prefetch
2010-01-31 20:39:18 ----D---- C:\Windows\TEMP
2010-01-31 20:39:12 ----RD---- C:\Program Files
2010-01-31 20:39:12 ----D---- C:\Windows\tracing
2010-01-31 20:37:52 ----D---- C:\Users\PARENTS\AppData\Roaming\DNA
2010-01-31 16:07:35 ----D---- C:\Program Files\Mozilla Firefox
2010-01-31 14:56:55 ----SHD---- C:\System Volume Information
2010-01-31 13:48:32 ----D---- C:\Program Files\Steam2
2010-01-31 13:48:15 ----D---- C:\Users\PARENTS\AppData\Roaming\OpenOffice.org2
2010-01-31 13:47:07 ----D---- C:\Program Files\DNA
2010-01-31 13:46:49 ----D---- C:\Windows\System32
2010-01-31 13:46:49 ----D---- C:\Windows\inf
2010-01-31 13:46:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-31 13:43:06 ----HD---- C:\ProgramData
2010-01-31 13:27:30 ----D---- C:\Windows\system32\drivers
2010-01-31 13:26:38 ----D---- C:\Windows\system32\catroot2
2010-01-31 03:09:36 ----D---- C:\Program Files\Internet Explorer
2010-01-31 02:35:13 ----D---- C:\Windows
2010-01-29 10:47:34 ----D---- C:\Windows\system32\Macromed
2010-01-24 17:34:01 ----D---- C:\ProgramData\Sizeencreal
2010-01-23 03:19:10 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-23 03:02:15 ----D---- C:\Windows\winsxs
2010-01-22 23:47:41 ----D---- C:\ProgramData\Messenger Plus!
2010-01-22 10:54:21 ----D---- C:\Windows\system32\catroot
2010-01-21 15:28:59 ----D---- C:\Program Files\Messenger Plus! Live
2010-01-21 03:10:49 ----SHD---- C:\$Recycle.Bin
2010-01-21 03:00:58 ----SHD---- C:\Windows\Installer
2010-01-20 15:44:47 ----D---- C:\Users\PARENTS\AppData\Roaming\BitTorrent
2010-01-20 08:00:15 ----D---- C:\Users\PARENTS\AppData\Roaming\skypePM
2010-01-18 23:30:17 ----D---- C:\Users\PARENTS\AppData\Roaming\Skype
2010-01-18 20:44:06 ----D---- C:\Program Files\Circle Developement
2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-14 03:03:34 ----D---- C:\Program Files\Windows Mail
2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-10-15 371248]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2007-12-24 111632]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2006-11-22 34576]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2006-11-22 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2006-11-22 18320]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-02 1668456]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-24 50688]
R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
R3 V0420VID;Live! Cam Vista IM (VF0420); C:\Windows\system32\DRIVERS\V0420Vid.sys [2007-05-31 99648]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2006-11-22 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2006-11-22 44304]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080421.002\IDSvix86.sys []
S1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
S3 ad00qzf1;ad00qzf1; C:\Windows\system32\drivers\ad00qzf1.sys []
S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 BDRsDrv;BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2006-11-22 33936]
S3 catchme;catchme; \??\C:\TRISTAN\catchme.sys []
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-04-05 19712]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2007-04-05 18304]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080421.003\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080421.003\NAVEX15.SYS []
S3 Nokia USB Generic;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2005-10-13 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2005-10-13 12800]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2005-10-13 124928]
S3 PCAMPR4;PCAMPR4 NDIS Protocol Driver; \??\C:\Windows\system32\PCAMPR4.SYS []
S3 PCANDIS4;PCANDIS4 NDIS Protocol Driver; \??\C:\Windows\system32\PCANDIS4.SYS []
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2007-12-25 123952]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-02-18 30464]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 vtany;vtany; \??\C:\Windows\vtany.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 xhunter1;xhunter1; \??\C:\Windows\xhunter1.sys [2009-08-11 50688]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-07-08 103936]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-07-08 103936]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-07-08 103936]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2006-05-11 247808]
S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-10-01 611664]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LexBceS;LexBce Server; C:\Windows\System32\LEXBCES.EXE [2003-08-18 303104]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-12-10 75064]
R2 TeamViewer4;TeamViewer 4; C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [2009-01-28 185640]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-26 135664]
S2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2007-02-19 47712]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-13 655624]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-12-30 321320]

-----------------EOF-----------------

contenu de info.txt :

info.txt logfile of random's system information tool 1.06 2010-01-31 20:40:01

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EDB7E6-D292-44BD-8CA6-A3E33C9D7750}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Illustrator CS4-->C:\Program Files\Common Files\Adobe\Installers\2a31ae7a5c43ff52d8577782dd34e04\Setup.exe --uninstall=1
Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
AlienGUIse Theme Manager-->C:\PROGRA~1\ALIENG~1\thememgr.exe /uninstallwise
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AutoIt v3.3.0.0-->C:\Program Files\AutoIt3\Uninstall.exe
AVIConverter 5.0.1-->C:\Program Files\AVIConverter\uninst.exe
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
AVS Audio Converter version 5.1-->"C:\Program Files\AVS4YOU\AVSAudioConverter\unins000.exe"
AVS Disc Creator version 2.1-->"C:\Program Files\AVSMedia\DiscCreator\unins000.exe"
AVS4YOU Software Navigator 1.2-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Barre d'outils MSN-->C:\Program Files\MSN Toolbar\01.01.2607.0\fr\mtbs.exe c
BlueSoleil 3.0 Std Release-->MsiExec.exe /X{B174DCA1-D1AF-45B4-976D-87943E4C5957}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
CA VMN Anti-Spyware (remove only)-->"C:\Program Files\CA VMN Anti-Spyware\uninstall.exe"
Cartoonist 1.2-->"C:\Program Files\Cartoonist\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDex extraction audio-->"C:\Program Files\CDex_170b2\uninstall.exe"
Clavier+ 10.6.1-->"C:\Users\PARENTS\AppData\Local\Clavier+\unins000.exe"
Clé Internet de prêt-->"C:\Program Files\InstallShield Installation Information\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}\setup.exe" -runfromtemp -l0x040c -removeonly
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Counter-Strike: Source-->"C:\Program Files\Steam2\steam.exe" steam://uninstall/240
Counter-Strike-->"C:\Program Files\Steam2\steam.exe" steam://uninstall/10
Creative Live! Cam Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c /remove
Creative Live! Cam Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15B3F9F8-4CF9-452A-9AF2-AA8553765DA7}\setup.exe" -l0x40c /remove
Creative Live! Cam Vista IM Driver (1.00.03.0000)-->C:\Windows\CtDrvIns.exe -uninstall -script VF0420.uns -unsext NT -plugin V0420Pin.dll -pluginres CtCamPin.crl
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove
Creative System Information-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove
dBpoweramp Music Converter-->"C:\Windows\system32\SpoonUninstall.exe" <uninstall>C:\Windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
eBay Icon-->C:\Users\PARENTS\AppData\Roaming\Desktopicon\uninst.exe
eMule-->"C:\Program Files\eMule2\Uninstall.exe"
Farces & Attrapes 2.0-->C:\Program Files\Atlence\Farces & Attrapes 2.0\unins000.exe
FaxTools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" -l0x40c ControlPanel
FileZilla Client 3.2.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe
Free Audio CD Burner version 1.2-->"C:\Program Files\DVDVideoSoft\Free Audio CD Burner\unins000.exe"
Free Easy Burner V 3.8-->"C:\Program Files\Free Easy Burner\unins000.exe"
Free FLV Converter V 6.7.4-->"C:\Program Files\Free FLV Converter\unins000.exe"
Free Mp3 Wma Converter V 1.5.5-->"C:\Program Files\Free Audio Pack\unins000.exe"
Free YouTube Download 2.3-->"C:\Program Files\DVDVideoSoft\Free YouTube Download\unins000.exe"
Free YouTube to MP3 Converter version 3.2-->"C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe"
Fruity Loops Studio Producer Edition XXL v6.04 Patcher-->C:\PROGRA~1\IMAGE-~1\FLSTUD~1\UNWISE.EXE C:\PROGRA~1\IMAGE-~1\FLSTUD~1\INSTALL.LOG
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Gestionnaire de photos Creative-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{513D9FB1-27A2-44E4-8F2D-77A6737921A5}\setup.exe" -l0x40c /remove
GIMP 2.6.4-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.38\Installer\setup.exe" --uninstall --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{C084BC61-E537-11DE-8616-005056806466}
Guide de l'utilisateur Creative Live! Cam-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EDB7E6-D292-44BD-8CA6-A3E33C9D7750}\setup.exe" -l0x40c /remove
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Encoder (KB929182)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={5406B219-A1AC-4BC4-8695-72292C8195AC} /qb
HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}\setup\hpzscr01.exe -datfile hposcr14.dat
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
La Somme de Toutes les Peurs-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6736E2A0-3B7C-4CAA-A508-7400F6A8969B}\Setup.exe" -l0x40c
Lanceur Club Internet v6-->"C:\Program Files\Club-Internet\Lanceur\uninstall.exe"
LastChaos-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{99A37AC7-E724-4621-B167-500B5A52B69C}\setup.exe" -l0x9 -removeonly
Les Sims™ 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x040c -removeonly
Lexmark X1100 Series-->C:\Windows\system32\spool\drivers\w32x86\3\LXBKUN5C.EXE -dLexmark X1100 Series
LG PC Suite II-->C:\Program Files\InstallShield Installation Information\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}\setup.exe -runfromtemp -l0x040c -removeonly
LG USB Modem driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x40c LG -removeonly
LimeWire 4.14.10-->"C:\Program Files\LimeWire\uninstall.exe"
livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
Lphant v3.51-->"C:\Program Files\Lphant\unins000.exe"
LphantBar Toolbar-->C:\PROGRA~1\LPHANT~1\UNWISE.EXE C:\PROGRA~1\LPHANT~1\INSTALL.LOG
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Midnight Club II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F3856E7C-AD71-48E1-9A95-6D7E7FCB164A}\Setup.exe" -l0x40c
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSNPlus-->C:\Program Files\groups.im\MSNPlus\uninstall.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
muveeNow 2.0 - Creative-->C:\Program Files\InstallShield Installation Information\{B0F64C44-DC77-497D-9A27-C0F5BAB12493}\setup.exe -runfromtemp -l0x040c -removeonly
Native Instruments Audio 8 DJ Driver-->"C:\ProgramData\{D6072FCA-C57E-4A39-92CE-3ABE6C6D694B}\Audio 8 DJ Driver Setup.exe" REMOVE=TRUE MODIFY=FALSE
Native Instruments Audio 8 DJ Driver-->C:\ProgramData\{D6072FCA-C57E-4A39-92CE-3ABE6C6D694B}\Audio 8 DJ Driver Setup.exe
Native Instruments Service Center-->"C:\ProgramData\{442B6EC3-77A0-4817-825F-67F47D7A2E54}\Service Center Setup.exe" REMOVE=TRUE MODIFY=FALSE
Native Instruments Service Center-->C:\ProgramData\{442B6EC3-77A0-4817-825F-67F47D7A2E54}\Service Center Setup.exe
Native Instruments Traktor-->"C:\ProgramData\{0D1E323F-9D1D-410B-9F3E-FBF24ECC2B05}\Traktor Setup.exe" REMOVE=TRUE MODIFY=FALSE
Native Instruments Traktor-->C:\ProgramData\{0D1E323F-9D1D-410B-9F3E-FBF24ECC2B05}\Traktor Setup.exe
Nero 7 Essentials-->MsiExec.exe /X{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton Internet Security-->MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenOffice.org 2.4-->MsiExec.exe /I{1E0FF527-971B-4BBF-83D1-987E8DEE437D}
Opera 9.63-->MsiExec.exe /X{1BC4026B-1957-4514-9058-2B542557F143}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Outils Club Internet-->"C:\Program Files\Club-Internet\Assistance\OutilsCI\uninstall.exe"
Paint Shop Pro 7 Try And Buy-->MsiExec.exe /I{D6DE02C7-1F47-11D4-9515-00105AE4B89A}
Paper Folding 3D-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EFC6C19-B06F-41B7-9763-42538D5B5CB3}\setup.exe" -l0x9 -removeonly
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
Prototype(TM)-->C:\Program Files\InstallShield Installation Information\{9322A850-9091-4D0E-B252-3E82EDA3D94A}\setup.exe -runfromtemp -l0x040c
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Rami Royal-->MsiExec.exe /I{A7FAC5BD-6361-436A-B593-715241CF198F}
RAR Password Cracker 4.12-->C:\Program Files\RAR Password Cracker\uninstall.exe
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Reason Demo 4.0-->"C:\Program Files\Propellerhead\Reason Demo\Uninstall Reason Demo\unins000.exe"
Registry Mechanic 7.0-->"C:\Program Files\Registry Mechanic\unins000.exe"
Risk II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0EE11800-A1BD-11D3-BFEB-005004AF2D32}\setup.exe" -l0x040c
SAMSUNG CDMA Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly
SC Ver 2.62-->"C:\Program Files\SC\unins000.exe"
SecondLife (remove only)-->"C:\Program Files\SecondLife\uninst.exe" /P="SecondLife"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
SightSpeed (remove only)-->"C:\Program Files\SightSpeed\uninst.exe"
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SuddenAttackNA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{732799C0-7785-43C5-8496-71546A062992}\setup.exe" -l0x9 -removeonly
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
SUPER © Version 2008.bld.33 (Sep 2, 2008)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
TC:Elite Test-->C:\PROGRA~1\WOLFEN~1\tcetest\uninst.exe
TeamViewer 4-->C:\Program Files\TeamViewer\Version4\uninstall.exe
The Cleaner 5.3-->"C:\Program Files\The Cleaner Free\unins000.exe"
TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe"
Todae - Live Media-->C:\Program Files\Windows Media Player\Plugins\Todae\RMP\uninstall_fr.exe
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Virtual DJ Home Edition - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
VLC media player 0.9.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
WebExpert 6-->"C:\Program Files\Visicom Media\WebExpert 6\uninst-web.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
WinHTTrack Website Copier 3.43-2-->"C:\Program Files\WinHTTrack\unins000.exe"
Wolfenstein - Enemy Territory-->C:\PROGRA~1\WOLFEN~1\Uninstall\Unwise.exe /u C:\PROGRA~1\WOLFEN~1\Uninstall\Install.log
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
Xvid 1.1.3 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

======System event log======

Computer Name: lafitte-Corp
Event Code: 5
Message: Error loading Symantec real time Anti-Virus driver.
Record Number: 204580
Source Name: SRTSP
Time Written: 20100131123842.578125-000
Event Type: Erreur
User:

Computer Name: lafitte-Corp
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 204588
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20100131123904.626628-000
Event Type: Erreur
User:

Computer Name: lafitte-Corp
Event Code: 7000
Message: Le service Parallel port driver n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 204625
Source Name: Service Control Manager
Time Written: 20100131124027.000000-000
Event Type: Erreur
User:

Computer Name: lafitte-Corp
Event Code: 7022
Message: Le service Service HP CUE DeviceDiscovery est en attente de démarrage.
Record Number: 204662
Source Name: Service Control Manager
Time Written: 20100131124041.000000-000
Event Type: Erreur
User:

Computer Name: lafitte-Corp
Event Code: 7026
Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
SRTSP
Record Number: 204666
Source Name: Service Control Manager
Time Written: 20100131124041.000000-000
Event Type: Erreur
User:

=====Application event log=====

Computer Name: lafitte-Corp
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Program Files\Winsudate\gibsvc.exe un code suspect avec la désignation 'ADSPY/Gibmed.B.3'!
Record Number: 75890
Source Name: Avira AntiVir
Time Written: 20100131012525.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: lafitte-Corp
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Program Files\Winsudate\gibsvc.exe un code suspect avec la désignation 'ADSPY/Gibmed.B.3'!
Record Number: 75891
Source Name: Avira AntiVir
Time Written: 20100131020212.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: lafitte-Corp
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Users\PARENTS\AppData\Local\Temp\bis54AA.exe un code suspect avec la désignation 'TR/Dldr.Swizzor.Gen2'!
Record Number: 75892
Source Name: Avira AntiVir
Time Written: 20100131020637.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: lafitte-Corp
Event Code: 4113
Message: AntiVir a détecté dans le fichier C:\Program Files\Winsudate\gibsvc.exe un code suspect avec la désignation 'ADSPY/Gibmed.B.3'!
Record Number: 75893
Source Name: Avira AntiVir
Time Written: 20100131020934.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: lafitte-Corp
Event Code: 1002
Message: Le programme msnmsgr.exe version 14.0.8089.726 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 964 Heure de début : 01caa271138e4cfe Heure de fin : 60
Record Number: 75927
Source Name: Application Hang
Time Written: 20100131123445.000000-000
Event Type: Erreur
User:

=====Security event log=====

Computer Name: lafitte-Corp
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : LAFITTE-CORP$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost

Informations sur le processus :
ID du processus : 0x320
Nom du processus : C:\

| Alerter

Répondre à Coks

Destrio5

31 Janvier 2010 22:33:46

Je vois une infection Lop/Swizzor.

Télécharge Lop S&D (par Eric_71) sur ton Bureau.

Puis double-clique sur Lop S&D présent sur ton Bureau.
(Sous Vista, il faut cliquer droit sur Lop S&D et choisir Exécuter en tant qu'administrateur)

Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche).

Patiente jusqu'à la fin du scan.

Poste le rapport généré (C:\lopR.txt).

| Alerter

Répondre à Destrio5

Coks

2 Février 2010 19:01:51

recherche Lop S&D

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : PARENTS ( Not Administrator ! )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:227 Go (Free:59 Go)
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total:59 Go (Free:10 Go)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 02/02/2010|19:56 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[04/11/2009|12:21] C:\Users\PARENTS\AppData\Local\Adobe
[27/09/2007|18:42] C:\Users\PARENTS\AppData\Local\Ahead
[09/03/2008|12:26] C:\Users\PARENTS\AppData\Local\Apple Computer
[23/08/2007|19:38] C:\Users\PARENTS\AppData\Local\Application Data
[15/09/2008|18:48] C:\Users\PARENTS\AppData\Local\Apps
[03/02/2009|21:10] C:\Users\PARENTS\AppData\Local\Clavier+
[31/12/2009|21:45] C:\Users\PARENTS\AppData\Local\d3d9caps.dat
[24/01/2009|16:43] C:\Users\PARENTS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[15/09/2008|20:36] C:\Users\PARENTS\AppData\Local\Deployment
[15/10/2008|19:35] C:\Users\PARENTS\AppData\Local\DNA
[08/07/2009|00:34] C:\Users\PARENTS\AppData\Local\eMule
[15/09/2008|18:49] C:\Users\PARENTS\AppData\Local\EPS-FileDownloader
[14/04/2009|18:43] C:\Users\PARENTS\AppData\Local\GDIPFONTCACHEV1.DAT
[23/01/2010|21:47] C:\Users\PARENTS\AppData\Local\Google
[30/09/2009|20:19] C:\Users\PARENTS\AppData\Local\groups.im
[23/08/2007|19:38] C:\Users\PARENTS\AppData\Local\Historique
[21/10/2008|21:59] C:\Users\PARENTS\AppData\Local\HP
[31/01/2010|13:37] C:\Users\PARENTS\AppData\Local\IconCache.db
[17/10/2007|20:50] C:\Users\PARENTS\AppData\Local\IM
[06/12/2008|00:34] C:\Users\PARENTS\AppData\Local\Mango_Enterprise_-_http__
[10/03/2009|19:43] C:\Users\PARENTS\AppData\Local\MessengerGroup
[11/01/2010|09:44] C:\Users\PARENTS\AppData\Local\Microsoft
[26/08/2007|10:24] C:\Users\PARENTS\AppData\Local\Microsoft Games
[14/10/2007|18:51] C:\Users\PARENTS\AppData\Local\Mozilla
[28/01/2009|21:01] C:\Users\PARENTS\AppData\Local\Opera
[11/10/2007|18:51] C:\Users\PARENTS\AppData\Local\oxyidtndxh.dat
[10/12/2009|17:52] C:\Users\PARENTS\AppData\Local\PunkBuster
[31/01/2008|21:31] C:\Users\PARENTS\AppData\Local\Steam
[02/02/2010|19:55] C:\Users\PARENTS\AppData\Local\Temp
[23/08/2007|19:38] C:\Users\PARENTS\AppData\Local\Temporary Internet Files
[14/10/2007|12:18] C:\Users\PARENTS\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[02/02/2010 19:18][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[01/02/2010 21:18][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[02/02/2010 05:12][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{A31F4002-238A-45B7-A55A-161B716BEBE1}.job
[31/01/2010 13:39][--ah-----] C:\Windows\tasks\SA.DAT
[31/01/2010 13:37][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[08/01/2009|14:18] C:\ProgramData\{0D1E323F-9D1D-410B-9F3E-FBF24ECC2B05}
[01/02/2009|13:54] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[08/01/2009|14:16] C:\ProgramData\{442B6EC3-77A0-4817-825F-67F47D7A2E54}
[08/01/2009|14:16] C:\ProgramData\{D6072FCA-C57E-4A39-92CE-3ABE6C6D694B}
[04/11/2009|12:22] C:\ProgramData\Adobe
[18/03/2009|12:31] C:\ProgramData\Ahead
[13/04/2009|13:13] C:\ProgramData\ALM
[26/02/2009|22:19] C:\ProgramData\ANGYHDL.txt
[11/11/2007|19:08] C:\ProgramData\Apple
[02/03/2008|08:36] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[04/09/2008|19:36] C:\ProgramData\Avg8
[01/06/2009|12:52] C:\ProgramData\Avira
[21/01/2008|20:26] C:\ProgramData\AVS4YOU
[19/06/2009|19:26] C:\ProgramData\Azureus
[03/12/2009|12:08] C:\ProgramData\bits download body.4citl
[25/12/2007|02:51] C:\ProgramData\Bluetooth
[20/04/2008|14:24] C:\ProgramData\BM4ffc8a4f.txt
[25/04/2008|05:57] C:\ProgramData\BM4ffc8a4f.xml
[23/08/2007|19:27] C:\ProgramData\Bureau
[27/08/2007|16:48] C:\ProgramData\BVRP Software
[20/03/2008|16:32] C:\ProgramData\Creative
[25/06/2009|19:29] C:\ProgramData\DAEMON Tools Lite
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[13/01/2009|17:32] C:\ProgramData\EmailNotifier
[11/11/2007|19:00] C:\ProgramData\eMule
[11/03/2009|06:14] C:\ProgramData\ezsidmv.dat
[23/08/2007|19:27] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[16/04/2009|10:45] C:\ProgramData\FLEXnet
[12/02/2009|19:01] C:\ProgramData\Google
[23/03/2009|18:33] C:\ProgramData\Google Updater
[21/10/2008|18:37] C:\ProgramData\Hewlett-Packard
[31/07/2009|23:24] C:\ProgramData\HP
[21/10/2008|18:33] C:\ProgramData\HP Product Assistant
[21/10/2008|18:35] C:\ProgramData\HPSSUPPLY
[23/09/2009|07:06] C:\ProgramData\hpzinstall.log
[14/05/2008|19:18] C:\ProgramData\Kaspersky Lab
[01/10/2008|19:33] C:\ProgramData\Lavasoft
[03/12/2009|12:07] C:\ProgramData\LongDashDash.bqsdus
[03/12/2009|12:07] C:\ProgramData\LongDashDash.uy5jk
[31/01/2010|02:59] C:\ProgramData\Malwarebytes
[23/08/2007|19:27] C:\ProgramData\Menu D‚marrer
[22/01/2010|23:47] C:\ProgramData\Messenger Plus!
[23/05/2009|13:27] C:\ProgramData\MGS
[23/05/2009|13:21] C:\ProgramData\Microgaming
[06/11/2009|20:34] C:\ProgramData\Microsoft
[23/08/2007|19:27] C:\ProgramData\ModŠles
[07/11/2007|19:04] C:\ProgramData\Motive
[14/10/2007|09:42] C:\ProgramData\Mozilla
[25/12/2007|01:34] C:\ProgramData\muvee Technologies
[08/01/2009|14:18] C:\ProgramData\Native Instruments
[18/03/2009|12:28] C:\ProgramData\Nero
[05/05/2009|09:45] C:\ProgramData\ntuser.pol
[12/12/2008|20:47] C:\ProgramData\NVIDIA
[27/02/2008|00:32] C:\ProgramData\pixelStorm
[19/11/2009|19:34] C:\ProgramData\Propellerhead Software
[25/04/2008|06:43] C:\ProgramData\pskt.ini
[24/01/2010|17:34] C:\ProgramData\Sizeencreal
[06/12/2009|01:01] C:\ProgramData\Skype
[01/06/2009|12:55] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|14:02] C:\ProgramData\Start Menu
[09/11/2008|18:03] C:\ProgramData\Symantec
[27/10/2008|18:57] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[28/08/2009|10:01] C:\ProgramData\TrackMania
[19/11/2008|23:05] C:\ProgramData\vlc-0.9.6-win32.exe
[28/03/2009|14:12] C:\ProgramData\WEBREG
[20/10/2008|02:15] C:\ProgramData\WindowsSearch
[16/12/2008|17:54] C:\ProgramData\WLInstaller
[11/08/2009|01:43] C:\ProgramData\Xfire
[21/12/2007|23:20] C:\ProgramData\Yahoo! Companion
[26/02/2009|21:56] C:\ProgramData\ZATNGAH.txt

--------------------\\ Listing des dossiers dans C:\Program Files

[27/08/2007|16:49] C:\Program Files\ABBYY FineReader 5.0 Sprint
[27/08/2007|16:48] C:\Program Files\ABBYY FineReader 6.0
[25/06/2009|19:46] C:\Program Files\Activision
[13/04/2009|13:13] C:\Program Files\Adobe
[01/11/2008|20:25] C:\Program Files\AlienGUIse
[17/10/2007|19:11] C:\Program Files\Alwil Software
[11/01/2009|16:54] C:\Program Files\Atlence
[18/04/2008|11:48] C:\Program Files\Audacity
[03/03/2009|19:25] C:\Program Files\AutoIt3
[06/01/2009|20:45] C:\Program Files\AVIConverter
[01/06/2009|12:52] C:\Program Files\Avira
[11/12/2008|18:14] C:\Program Files\AviSynth 2.5
[12/07/2009|12:02] C:\Program Files\AVS4YOU
[03/06/2008|21:06] C:\Program Files\AVSMedia
[15/02/2009|23:29] C:\Program Files\BitTorrent
[16/11/2007|21:09] C:\Program Files\BitTorrent_DNA
[01/02/2009|13:48] C:\Program Files\Bonjour
[12/01/2009|21:51] C:\Program Files\CA VMN Anti-Spyware
[07/11/2008|12:03] C:\Program Files\Cartoonist
[28/10/2008|19:10] C:\Program Files\CCleaner
[22/12/2007|16:28] C:\Program Files\CDex_170b2
[18/01/2010|20:44] C:\Program Files\Circle Developement
[08/03/2009|02:35] C:\Program Files\Cl‚ Internet de prˆt
[26/02/2008|23:11] C:\Program Files\Club-Internet
[06/12/2009|01:01] C:\Program Files\Common Files
[15/11/2008|01:47] C:\Program Files\Conduit
[09/11/2007|16:49] C:\Program Files\Controle Parental
[25/12/2007|01:39] C:\Program Files\Creative
[25/06/2009|19:13] C:\Program Files\DAEMON Tools Lite
[25/06/2009|19:13] C:\Program Files\DAEMON Tools Toolbar
[29/10/2009|12:47] C:\Program Files\DivX
[31/01/2010|13:47] C:\Program Files\DNA
[28/11/2009|20:05] C:\Program Files\DVDVideoSoft
[22/10/2008|10:04] C:\Program Files\eMule
[08/07/2009|00:30] C:\Program Files\eMule2
[11/12/2008|18:14] C:\Program Files\eRightSoft
[27/08/2007|16:48] C:\Program Files\FaxTools
[23/08/2007|19:27] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[16/02/2009|18:31] C:\Program Files\FileZilla FTP Client
[06/03/2008|22:42] C:\Program Files\Free Audio Pack
[14/05/2008|19:34] C:\Program Files\Free Easy Burner
[28/11/2009|20:02] C:\Program Files\Free FLV Converter
[01/02/2009|10:41] C:\Program Files\GIMP-2.0
[21/12/2009|09:58] C:\Program Files\Google
[14/10/2008|20:57] C:\Program Files\Google Hacks
[16/09/2008|19:29] C:\Program Files\Gravity
[17/10/2007|08:23] C:\Program Files\Grisoft
[30/09/2009|18:49] C:\Program Files\groups.im
[21/10/2008|18:32] C:\Program Files\Hewlett-Packard
[21/10/2008|18:35] C:\Program Files\HP
[19/01/2010|13:56] C:\Program Files\IDoser v4
[22/12/2007|16:14] C:\Program Files\Illustrate
[13/12/2008|15:03] C:\Program Files\Image-Line
[18/10/2007|18:46] C:\Program Files\IncrediMail
[10/10/2009|13:14] C:\Program Files\InstallShield Installation Information
[31/01/2010|03:09] C:\Program Files\Internet Explorer
[01/11/2008|20:26] C:\Program Files\Invisible Secrets 4
[01/02/2009|13:54] C:\Program Files\iPod
[01/02/2009|13:54] C:\Program Files\iTunes
[25/12/2007|02:46] C:\Program Files\IVT Corporation
[30/11/2008|16:20] C:\Program Files\Jasc Software Inc
[01/05/2009|11:37] C:\Program Files\Java
[26/04/2009|10:53] C:\Program Files\Kellogg's Asie
[01/10/2008|19:30] C:\Program Files\Lavasoft
[01/06/2008|21:12] C:\Program Files\Lexmark X1100 Series
[22/08/2009|11:05] C:\Program Files\LG Electronics
[10/10/2009|13:21] C:\Program Files\LG PC Suite II
[11/11/2007|20:11] C:\Program Files\LimeWire
[15/11/2008|02:45] C:\Program Files\Lphant
[15/11/2008|01:47] C:\Program Files\LphantBar
[31/01/2010|03:00] C:\Program Files\Malwarebytes' Anti-Malware
[21/01/2010|15:28] C:\Program Files\Messenger Plus! Live
[10/03/2009|19:42] C:\Program Files\MessengerGroup
[07/10/2007|17:55] C:\Program Files\Microprose
[07/11/2009|18:24] C:\Program Files\Microsoft
[02/11/2007|03:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[23/01/2010|03:19] C:\Program Files\Microsoft Silverlight
[11/06/2008|18:49] C:\Program Files\Microsoft SQL Server Compact Edition
[27/08/2009|12:27] C:\Program Files\Microsoft WSE
[18/10/2008|11:12] C:\Program Files\Movie Maker
[31/01/2010|16:07] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[10/10/2007|17:54] C:\Program Files\MSN Apps
[10/03/2009|19:42] C:\Program Files\MSN Messenger
[10/10/2007|17:54] C:\Program Files\MSN Toolbar
[16/05/2008|02:03] C:\Program Files\MSXML 4.0
[25/12/2007|01:35] C:\Program Files\muvee Technologies
[08/01/2009|14:18] C:\Program Files\Native Instruments
[29/01/2007|06:07] C:\Program Files\Nero
[24/10/2008|20:30] C:\Program Files\Notepad++
[12/02/2008|19:36] C:\Program Files\NRJ
[27/05/2008|14:15] C:\Program Files\OpenOffice.org 2.4
[28/01/2009|21:00] C:\Program Files\Opera
[11/01/2010|13:50] C:\Program Files\PhotoFiltre
[27/11/2008|21:24] C:\Program Files\PowerISO
[01/02/2009|13:47] C:\Program Files\QuickTime
[16/10/2008|19:30] C:\Program Files\RAR Password Cracker
[24/10/2007|17:49] C:\Program Files\Real
[10/07/2008|19:18] C:\Program Files\Red Storm Entertainment
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[11/05/2008|18:29] C:\Program Files\Registry Mechanic
[08/11/2007|18:51] C:\Program Files\rnamfler
[09/09/2007|18:37] C:\Program Files\Rockstar Games
[16/12/2007|18:30] C:\Program Files\SAGEM
[21/02/2008|13:58] C:\Program Files\Samsung
[19/09/2008|18:42] C:\Program Files\SC
[01/02/2009|01:38] C:\Program Files\SecondLife
[25/12/2007|01:33] C:\Program Files\SightSpeed
[06/12/2009|01:01] C:\Program Files\Skype
[03/10/2008|17:10] C:\Program Files\Spybot - Search & Destroy
[15/05/2008|20:12] C:\Program Files\Steam
[31/01/2010|13:48] C:\Program Files\Steam2
[11/02/2009|15:33] C:\Program Files\TeamViewer
[25/04/2009|10:54] C:\Program Files\The Cleaner Free
[20/12/2008|20:55] C:\Program Files\TmNationsForever
[31/01/2010|20:39] C:\Program Files\trend micro
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[27/10/2008|13:19] C:\Program Files\uplink
[17/09/2008|17:23] C:\Program Files\VideoLAN
[20/02/2009|19:36] C:\Program Files\VirtualDJ
[12/01/2009|21:50] C:\Program Files\Visicom Media
[13/12/2008|15:10] C:\Program Files\VstPlugins
[23/11/2009|17:27] C:\Program Files\Vuze
[07/11/2007|18:36] C:\Program Files\Wanadoo
[18/10/2008|11:12] C:\Program Files\Windows Calendar
[18/10/2008|11:12] C:\Program Files\Windows Collaboration
[18/10/2008|11:12] C:\Program Files\Windows Defender
[18/10/2008|11:12] C:\Program Files\Windows Journal
[07/11/2009|18:27] C:\Program Files\Windows Live
[14/01/2010|03:03] C:\Program Files\Windows Mail
[12/02/2008|19:38] C:\Program Files\Windows Media Components
[28/10/2009|03:17] C:\Program Files\Windows Media Player
[23/08/2007|19:27] C:\Program Files\Windows NT
[18/10/2008|11:12] C:\Program Files\Windows Photo Gallery
[18/10/2008|11:12] C:\Program Files\Windows Sidebar
[04/02/2009|13:21] C:\Program Files\WinHTTrack
[21/12/2008|11:47] C:\Program Files\WinRAR
[10/12/2009|17:46] C:\Program Files\Wolfenstein - Enemy Territory
[11/08/2009|01:43] C:\Program Files\Xfire
[14/10/2007|09:37] C:\Program Files\Xvid
[21/12/2007|23:16] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[04/11/2009|12:20] C:\Program Files\Common Files\Adobe
[18/03/2009|12:30] C:\Program Files\Common Files\Ahead
[01/02/2009|13:54] C:\Program Files\Common Files\Apple
[11/01/2009|16:54] C:\Program Files\Common Files\Atlence
[21/01/2008|20:26] C:\Program Files\Common Files\AVSMedia
[29/10/2009|12:46] C:\Program Files\Common Files\DivX Shared
[28/11/2009|20:05] C:\Program Files\Common Files\DVDVideoSoft
[21/10/2008|18:32] C:\Program Files\Common Files\Hewlett-Packard
[21/10/2008|18:33] C:\Program Files\Common Files\HP
[11/05/2008|23:42] C:\Program Files\Common Files\InstallShield
[11/11/2007|18:46] C:\Program Files\Common Files\Java
[13/04/2009|13:07] C:\Program Files\Common Files\Macrovision Shared
[09/03/2009|03:00] C:\Program Files\Common Files\microsoft shared
[07/11/2007|18:37] C:\Program Files\Common Files\Motive
[25/12/2007|01:35] C:\Program Files\Common Files\muvee Technologies
[08/01/2009|14:16] C:\Program Files\Common Files\Native Instruments
[14/10/2007|09:42] C:\Program Files\Common Files\PX Storage Engine
[24/10/2007|17:50] C:\Program Files\Common Files\Real
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[06/12/2009|01:01] C:\Program Files\Common Files\Skype
[03/06/2008|20:48] C:\Program Files\Common Files\Softwin
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[05/09/2008|23:18] C:\Program Files\Common Files\Stardock
[31/12/2009|16:15] C:\Program Files\Common Files\Steam
[10/07/2008|19:23] C:\Program Files\Common Files\SWF Studio
[25/04/2008|06:18] C:\Program Files\Common Files\Symantec Shared
[18/10/2008|11:12] C:\Program Files\Common Files\System
[16/12/2008|15:03] C:\Program Files\Common Files\Windows Live
[11/06/2008|18:49] C:\Program Files\Common Files\WindowsLiveInstaller
[01/10/2008|19:29] C:\Program Files\Common Files\Wise Installation Wizard
[24/10/2007|17:50] C:\Program Files\Common Files\xing shared

--------------------\\ Process

( 76 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

C:\ProgramData\bits download body.4citl
C:\ProgramData\LongDashDash.uy5jk
C:\ProgramData\LongDashDash.bqsdus

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\Program Files\Circle Developement

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"program defy"="\"C:\\ProgramData\\LongDashDash.bqsdus\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-02 19:57:03
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections

--------------------\\ ROGUES ..

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Spyware-Secure

--------------------\\ Cracks & Keygens ..

C:\Users\PARENTS\AppData\Local\Opera\Opera\profile\images\http%3A%2F%2Fwww.downloadcrackserialkeygen.com%2Ffavicon.ico
C:\Users\PARENTS\AppData\Local\Opera\Opera\profile\images\www.downloadcrackserialkeygen.com.idx
C:\Users\PARENTS\AppData\Roaming\BitTorrent\FARCRY 2 + CRACK.torrent
C:\Users\PARENTS\AppData\Roaming\Microsoft\Windows\Recent\Crack_unofficial.drg.lnk
C:\Users\PARENTS\Desktop\ACCESSOIRES\Rapidshare Database Searcher\Rapidshare Database Searcher\keygen.exe
C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me
C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me (tuto2)
C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me daube(tuto1)
C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me daube(tuto1)\readme.txt
C:\Users\PARENTS\Desktop\Hacking\dossier de hack\ollydbg 1.10\CrackGenMe v2.udd
C:\Users\PARENTS\Desktop\Hacking\dossier de hack\ollydbg 1.10\CrackGenMe#2_keyGen_by_rAsM.udd
C:\Users\PARENTS\Desktop\truc a joan\Winrar pro\keygen.exe
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Dose Files\Crack.drg
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Dose Files\Unofficial\Crack_unofficial.drg
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2\ARCHPR.EXE
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2\archpr.log
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2\Fui descargado desde
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2\readme.txt
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2\setup.exe
C:\Users\PARENTS\Favorites\..CRACKWEB...url
C:\Users\PARENTS\Favorites\video Hack MSN Script By Seboss ! By Nicos11 - habbo, hacking, cracking - videos wideo.url

[F:543][D:41]-> C:\Users\PARENTS\AppData\Local\Temp
[F:55][D:1]-> C:\Users\PARENTS\AppData\Roaming\MICROS~1\Windows\Cookies
[F:560][D:4]-> C:\Users\PARENTS\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:396][D:17]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 02/02/2010|20:00 - Option : [1]

--------------------\\ Fin du rapport a 20:00:49
[ UAC => 1 ]

| Alerter

Répondre à Coks

Destrio5

2 Février 2010 20:30:54

Relance Lop S&D.
(Sous Vista, il faut cliquer droit sur Lop S&D et choisir Exécuter en tant qu'administrateur)

Choisis cette fois-ci l'option 2 (Suppression).

Ne ferme pas la fenêtre lors de la suppression !

Poste le rapport généré (C:\lopR.txt).

(Si le Bureau ne réapparaît pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

| Alerter

Répondre à Destrio5

Coks

2 Février 2010 20:43:42

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : PARENTS ( Not Administrator ! )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:227 Go (Free:59 Go)
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total:59 Go (Free:10 Go)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 02/02/2010|21:39 )

[ UAC => 1 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\bits download body.4citl
Supprime! - C:\ProgramData\LongDashDash.uy5jk
Supprime! - C:\ProgramData\LongDashDash.bqsdus
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans Local

[04/11/2009|12:21] C:\Users\PARENTS\AppData\Local\Adobe
[27/09/2007|18:42] C:\Users\PARENTS\AppData\Local\Ahead
[09/03/2008|12:26] C:\Users\PARENTS\AppData\Local\Apple Computer
[23/08/2007|19:38] C:\Users\PARENTS\AppData\Local\Application Data
[15/09/2008|18:48] C:\Users\PARENTS\AppData\Local\Apps
[03/02/2009|21:10] C:\Users\PARENTS\AppData\Local\Clavier+
[31/12/2009|21:45] C:\Users\PARENTS\AppData\Local\d3d9caps.dat
[24/01/2009|16:43] C:\Users\PARENTS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[15/09/2008|20:36] C:\Users\PARENTS\AppData\Local\Deployment
[15/10/2008|19:35] C:\Users\PARENTS\AppData\Local\DNA
[08/07/2009|00:34] C:\Users\PARENTS\AppData\Local\eMule
[15/09/2008|18:49] C:\Users\PARENTS\AppData\Local\EPS-FileDownloader
[14/04/2009|18:43] C:\Users\PARENTS\AppData\Local\GDIPFONTCACHEV1.DAT
[23/01/2010|21:47] C:\Users\PARENTS\AppData\Local\Google
[30/09/2009|20:19] C:\Users\PARENTS\AppData\Local\groups.im
[23/08/2007|19:38] C:\Users\PARENTS\AppData\Local\Historique
[21/10/2008|21:59] C:\Users\PARENTS\AppData\Local\HP
[31/01/2010|13:37] C:\Users\PARENTS\AppData\Local\IconCache.db
[17/10/2007|20:50] C:\Users\PARENTS\AppData\Local\IM
[06/12/2008|00:34] C:\Users\PARENTS\AppData\Local\Mango_Enterprise_-_http__
[10/03/2009|19:43] C:\Users\PARENTS\AppData\Local\MessengerGroup
[11/01/2010|09:44] C:\Users\PARENTS\AppData\Local\Microsoft
[26/08/2007|10:24] C:\Users\PARENTS\AppData\Local\Microsoft Games
[14/10/2007|18:51] C:\Users\PARENTS\AppData\Local\Mozilla
[28/01/2009|21:01] C:\Users\PARENTS\AppData\Local\Opera
[11/10/2007|18:51] C:\Users\PARENTS\AppData\Local\oxyidtndxh.dat
[10/12/2009|17:52] C:\Users\PARENTS\AppData\Local\PunkBuster
[31/01/2008|21:31] C:\Users\PARENTS\AppData\Local\Steam
[02/02/2010|21:39] C:\Users\PARENTS\AppData\Local\Temp
[23/08/2007|19:38] C:\Users\PARENTS\AppData\Local\Temporary Internet Files
[14/10/2007|12:18] C:\Users\PARENTS\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[02/02/2010 21:21][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[02/02/2010 21:18][--a------] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[02/02/2010 05:12][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{A31F4002-238A-45B7-A55A-161B716BEBE1}.job
[31/01/2010 13:39][--ah-----] C:\Windows\tasks\SA.DAT
[31/01/2010 13:37][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[08/01/2009|14:18] C:\ProgramData\{0D1E323F-9D1D-410B-9F3E-FBF24ECC2B05}
[01/02/2009|13:54] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[08/01/2009|14:16] C:\ProgramData\{442B6EC3-77A0-4817-825F-67F47D7A2E54}
[08/01/2009|14:16] C:\ProgramData\{D6072FCA-C57E-4A39-92CE-3ABE6C6D694B}
[04/11/2009|12:22] C:\ProgramData\Adobe
[18/03/2009|12:31] C:\ProgramData\Ahead
[13/04/2009|13:13] C:\ProgramData\ALM
[26/02/2009|22:19] C:\ProgramData\ANGYHDL.txt
[11/11/2007|19:08] C:\ProgramData\Apple
[02/03/2008|08:36] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[04/09/2008|19:36] C:\ProgramData\Avg8
[01/06/2009|12:52] C:\ProgramData\Avira
[21/01/2008|20:26] C:\ProgramData\AVS4YOU
[19/06/2009|19:26] C:\ProgramData\Azureus
[25/12/2007|02:51] C:\ProgramData\Bluetooth
[20/04/2008|14:24] C:\ProgramData\BM4ffc8a4f.txt
[25/04/2008|05:57] C:\ProgramData\BM4ffc8a4f.xml
[23/08/2007|19:27] C:\ProgramData\Bureau
[27/08/2007|16:48] C:\ProgramData\BVRP Software
[20/03/2008|16:32] C:\ProgramData\Creative
[25/06/2009|19:29] C:\ProgramData\DAEMON Tools Lite
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[13/01/2009|17:32] C:\ProgramData\EmailNotifier
[11/11/2007|19:00] C:\ProgramData\eMule
[11/03/2009|06:14] C:\ProgramData\ezsidmv.dat
[23/08/2007|19:27] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[16/04/2009|10:45] C:\ProgramData\FLEXnet
[12/02/2009|19:01] C:\ProgramData\Google
[23/03/2009|18:33] C:\ProgramData\Google Updater
[21/10/2008|18:37] C:\ProgramData\Hewlett-Packard
[31/07/2009|23:24] C:\ProgramData\HP
[21/10/2008|18:33] C:\ProgramData\HP Product Assistant
[21/10/2008|18:35] C:\ProgramData\HPSSUPPLY
[23/09/2009|07:06] C:\ProgramData\hpzinstall.log
[14/05/2008|19:18] C:\ProgramData\Kaspersky Lab
[01/10/2008|19:33] C:\ProgramData\Lavasoft
[31/01/2010|02:59] C:\ProgramData\Malwarebytes
[23/08/2007|19:27] C:\ProgramData\Menu D‚marrer
[22/01/2010|23:47] C:\ProgramData\Messenger Plus!
[23/05/2009|13:27] C:\ProgramData\MGS
[23/05/2009|13:21] C:\ProgramData\Microgaming
[06/11/2009|20:34] C:\ProgramData\Microsoft
[23/08/2007|19:27] C:\ProgramData\ModŠles
[07/11/2007|19:04] C:\ProgramData\Motive
[14/10/2007|09:42] C:\ProgramData\Mozilla
[25/12/2007|01:34] C:\ProgramData\muvee Technologies
[08/01/2009|14:18] C:\ProgramData\Native Instruments
[18/03/2009|12:28] C:\ProgramData\Nero
[05/05/2009|09:45] C:\ProgramData\ntuser.pol
[12/12/2008|20:47] C:\ProgramData\NVIDIA
[27/02/2008|00:32] C:\ProgramData\pixelStorm
[19/11/2009|19:34] C:\ProgramData\Propellerhead Software
[25/04/2008|06:43] C:\ProgramData\pskt.ini
[24/01/2010|17:34] C:\ProgramData\Sizeencreal
[06/12/2009|01:01] C:\ProgramData\Skype
[01/06/2009|12:55] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|14:02] C:\ProgramData\Start Menu
[09/11/2008|18:03] C:\ProgramData\Symantec
[27/10/2008|18:57] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[28/08/2009|10:01] C:\ProgramData\TrackMania
[19/11/2008|23:05] C:\ProgramData\vlc-0.9.6-win32.exe
[28/03/2009|14:12] C:\ProgramData\WEBREG
[20/10/2008|02:15] C:\ProgramData\WindowsSearch
[16/12/2008|17:54] C:\ProgramData\WLInstaller
[11/08/2009|01:43] C:\ProgramData\Xfire
[21/12/2007|23:20] C:\ProgramData\Yahoo! Companion
[26/02/2009|21:56] C:\ProgramData\ZATNGAH.txt

--------------------\\ Listing des dossiers dans C:\Program Files

[27/08/2007|16:49] C:\Program Files\ABBYY FineReader 5.0 Sprint
[27/08/2007|16:48] C:\Program Files\ABBYY FineReader 6.0
[25/06/2009|19:46] C:\Program Files\Activision
[13/04/2009|13:13] C:\Program Files\Adobe
[01/11/2008|20:25] C:\Program Files\AlienGUIse
[17/10/2007|19:11] C:\Program Files\Alwil Software
[11/01/2009|16:54] C:\Program Files\Atlence
[18/04/2008|11:48] C:\Program Files\Audacity
[03/03/2009|19:25] C:\Program Files\AutoIt3
[06/01/2009|20:45] C:\Program Files\AVIConverter
[01/06/2009|12:52] C:\Program Files\Avira
[11/12/2008|18:14] C:\Program Files\AviSynth 2.5
[12/07/2009|12:02] C:\Program Files\AVS4YOU
[03/06/2008|21:06] C:\Program Files\AVSMedia
[15/02/2009|23:29] C:\Program Files\BitTorrent
[16/11/2007|21:09] C:\Program Files\BitTorrent_DNA
[01/02/2009|13:48] C:\Program Files\Bonjour
[12/01/2009|21:51] C:\Program Files\CA VMN Anti-Spyware
[07/11/2008|12:03] C:\Program Files\Cartoonist
[28/10/2008|19:10] C:\Program Files\CCleaner
[22/12/2007|16:28] C:\Program Files\CDex_170b2
[08/03/2009|02:35] C:\Program Files\Cl‚ Internet de prˆt
[26/02/2008|23:11] C:\Program Files\Club-Internet
[06/12/2009|01:01] C:\Program Files\Common Files
[15/11/2008|01:47] C:\Program Files\Conduit
[09/11/2007|16:49] C:\Program Files\Controle Parental
[25/12/2007|01:39] C:\Program Files\Creative
[25/06/2009|19:13] C:\Program Files\DAEMON Tools Lite
[25/06/2009|19:13] C:\Program Files\DAEMON Tools Toolbar
[29/10/2009|12:47] C:\Program Files\DivX
[31/01/2010|13:47] C:\Program Files\DNA
[28/11/2009|20:05] C:\Program Files\DVDVideoSoft
[22/10/2008|10:04] C:\Program Files\eMule
[08/07/2009|00:30] C:\Program Files\eMule2
[11/12/2008|18:14] C:\Program Files\eRightSoft
[27/08/2007|16:48] C:\Program Files\FaxTools
[23/08/2007|19:27] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[16/02/2009|18:31] C:\Program Files\FileZilla FTP Client
[06/03/2008|22:42] C:\Program Files\Free Audio Pack
[14/05/2008|19:34] C:\Program Files\Free Easy Burner
[28/11/2009|20:02] C:\Program Files\Free FLV Converter
[01/02/2009|10:41] C:\Program Files\GIMP-2.0
[02/02/2010|21:21] C:\Program Files\Google
[14/10/2008|20:57] C:\Program Files\Google Hacks
[16/09/2008|19:29] C:\Program Files\Gravity
[17/10/2007|08:23] C:\Program Files\Grisoft
[30/09/2009|18:49] C:\Program Files\groups.im
[21/10/2008|18:32] C:\Program Files\Hewlett-Packard
[21/10/2008|18:35] C:\Program Files\HP
[19/01/2010|13:56] C:\Program Files\IDoser v4
[22/12/2007|16:14] C:\Program Files\Illustrate
[13/12/2008|15:03] C:\Program Files\Image-Line
[18/10/2007|18:46] C:\Program Files\IncrediMail
[10/10/2009|13:14] C:\Program Files\InstallShield Installation Information
[31/01/2010|03:09] C:\Program Files\Internet Explorer
[01/11/2008|20:26] C:\Program Files\Invisible Secrets 4
[01/02/2009|13:54] C:\Program Files\iPod
[01/02/2009|13:54] C:\Program Files\iTunes
[25/12/2007|02:46] C:\Program Files\IVT Corporation
[30/11/2008|16:20] C:\Program Files\Jasc Software Inc
[01/05/2009|11:37] C:\Program Files\Java
[26/04/2009|10:53] C:\Program Files\Kellogg's Asie
[01/10/2008|19:30] C:\Program Files\Lavasoft
[01/06/2008|21:12] C:\Program Files\Lexmark X1100 Series
[22/08/2009|11:05] C:\Program Files\LG Electronics
[10/10/2009|13:21] C:\Program Files\LG PC Suite II
[11/11/2007|20:11] C:\Program Files\LimeWire
[15/11/2008|02:45] C:\Program Files\Lphant
[15/11/2008|01:47] C:\Program Files\LphantBar
[31/01/2010|03:00] C:\Program Files\Malwarebytes' Anti-Malware
[21/01/2010|15:28] C:\Program Files\Messenger Plus! Live
[10/03/2009|19:42] C:\Program Files\MessengerGroup
[07/10/2007|17:55] C:\Program Files\Microprose
[07/11/2009|18:24] C:\Program Files\Microsoft
[02/11/2007|03:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[23/01/2010|03:19] C:\Program Files\Microsoft Silverlight
[11/06/2008|18:49] C:\Program Files\Microsoft SQL Server Compact Edition
[27/08/2009|12:27] C:\Program Files\Microsoft WSE
[18/10/2008|11:12] C:\Program Files\Movie Maker
[31/01/2010|16:07] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[10/10/2007|17:54] C:\Program Files\MSN Apps
[10/03/2009|19:42] C:\Program Files\MSN Messenger
[10/10/2007|17:54] C:\Program Files\MSN Toolbar
[16/05/2008|02:03] C:\Program Files\MSXML 4.0
[25/12/2007|01:35] C:\Program Files\muvee Technologies
[08/01/2009|14:18] C:\Program Files\Native Instruments
[29/01/2007|06:07] C:\Program Files\Nero
[24/10/2008|20:30] C:\Program Files\Notepad++
[12/02/2008|19:36] C:\Program Files\NRJ
[27/05/2008|14:15] C:\Program Files\OpenOffice.org 2.4
[28/01/2009|21:00] C:\Program Files\Opera
[11/01/2010|13:50] C:\Program Files\PhotoFiltre
[27/11/2008|21:24] C:\Program Files\PowerISO
[01/02/2009|13:47] C:\Program Files\QuickTime
[16/10/2008|19:30] C:\Program Files\RAR Password Cracker
[24/10/2007|17:49] C:\Program Files\Real
[10/07/2008|19:18] C:\Program Files\Red Storm Entertainment
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[11/05/2008|18:29] C:\Program Files\Registry Mechanic
[08/11/2007|18:51] C:\Program Files\rnamfler
[09/09/2007|18:37] C:\Program Files\Rockstar Games
[16/12/2007|18:30] C:\Program Files\SAGEM
[21/02/2008|13:58] C:\Program Files\Samsung
[19/09/2008|18:42] C:\Program Files\SC
[01/02/2009|01:38] C:\Program Files\SecondLife
[25/12/2007|01:33] C:\Program Files\SightSpeed
[06/12/2009|01:01] C:\Program Files\Skype
[03/10/2008|17:10] C:\Program Files\Spybot - Search & Destroy
[15/05/2008|20:12] C:\Program Files\Steam
[31/01/2010|13:48] C:\Program Files\Steam2
[11/02/2009|15:33] C:\Program Files\TeamViewer
[25/04/2009|10:54] C:\Program Files\The Cleaner Free
[20/12/2008|20:55] C:\Program Files\TmNationsForever
[31/01/2010|20:39] C:\Program Files\trend micro
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[27/10/2008|13:19] C:\Program Files\uplink
[17/09/2008|17:23] C:\Program Files\VideoLAN
[20/02/2009|19:36] C:\Program Files\VirtualDJ
[12/01/2009|21:50] C:\Program Files\Visicom Media
[13/12/2008|15:10] C:\Program Files\VstPlugins
[23/11/2009|17:27] C:\Program Files\Vuze
[07/11/2007|18:36] C:\Program Files\Wanadoo
[18/10/2008|11:12] C:\Program Files\Windows Calendar
[18/10/2008|11:12] C:\Program Files\Windows Collaboration
[18/10/2008|11:12] C:\Program Files\Windows Defender
[18/10/2008|11:12] C:\Program Files\Windows Journal
[07/11/2009|18:27] C:\Program Files\Windows Live
[14/01/2010|03:03] C:\Program Files\Windows Mail
[12/02/2008|19:38] C:\Program Files\Windows Media Components
[28/10/2009|03:17] C:\Program Files\Windows Media Player
[23/08/2007|19:27] C:\Program Files\Windows NT
[18/10/2008|11:12] C:\Program Files\Windows Photo Gallery
[18/10/2008|11:12] C:\Program Files\Windows Sidebar
[04/02/2009|13:21] C:\Program Files\WinHTTrack
[21/12/2008|11:47] C:\Program Files\WinRAR
[10/12/2009|17:46] C:\Program Files\Wolfenstein - Enemy Territory
[11/08/2009|01:43] C:\Program Files\Xfire
[14/10/2007|09:37] C:\Program Files\Xvid
[21/12/2007|23:16] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[04/11/2009|12:20] C:\Program Files\Common Files\Adobe
[18/03/2009|12:30] C:\Program Files\Common Files\Ahead
[01/02/2009|13:54] C:\Program Files\Common Files\Apple
[11/01/2009|16:54] C:\Program Files\Common Files\Atlence
[21/01/2008|20:26] C:\Program Files\Common Files\AVSMedia
[29/10/2009|12:46] C:\Program Files\Common Files\DivX Shared
[28/11/2009|20:05] C:\Program Files\Common Files\DVDVideoSoft
[21/10/2008|18:32] C:\Program Files\Common Files\Hewlett-Packard
[21/10/2008|18:33] C:\Program Files\Common Files\HP
[11/05/2008|23:42] C:\Program Files\Common Files\InstallShield
[11/11/2007|18:46] C:\Program Files\Common Files\Java
[13/04/2009|13:07] C:\Program Files\Common Files\Macrovision Shared
[09/03/2009|03:00] C:\Program Files\Common Files\microsoft shared
[07/11/2007|18:37] C:\Program Files\Common Files\Motive
[25/12/2007|01:35] C:\Program Files\Common Files\muvee Technologies
[08/01/2009|14:16] C:\Program Files\Common Files\Native Instruments
[14/10/2007|09:42] C:\Program Files\Common Files\PX Storage Engine
[24/10/2007|17:50] C:\Program Files\Common Files\Real
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[06/12/2009|01:01] C:\Program Files\Common Files\Skype
[03/06/2008|20:48] C:\Program Files\Common Files\Softwin
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[05/09/2008|23:18] C:\Program Files\Common Files\Stardock
[31/12/2009|16:15] C:\Program Files\Common Files\Steam
[10/07/2008|19:23] C:\Program Files\Common Files\SWF Studio
[25/04/2008|06:18] C:\Program Files\Common Files\Symantec Shared
[18/10/2008|11:12] C:\Program Files\Common Files\System
[16/12/2008|15:03] C:\Program Files\Common Files\Windows Live
[11/06/2008|18:49] C:\Program Files\Common Files\WindowsLiveInstaller
[01/10/2008|19:29] C:\Program Files\Common Files\Wise Installation Wizard
[24/10/2007|17:50] C:\Program Files\Common Files\xing shared

--------------------\\ Process

( 75 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-02 21:39:54
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections

--------------------\\ ROGUES ..

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Spyware-Secure

--------------------\\ Cracks & Keygens ..

C:\Users\PARENTS\AppData\Local\Opera\Opera\profile\images\http%3A%2F%2Fwww.downloadcrackserialkeygen.com%2Ffavicon.ico
C:\Users\PARENTS\AppData\Local\Opera\Opera\profile\images\www.downloadcrackserialkeygen.com.idx
C:\Users\PARENTS\AppData\Roaming\BitTorrent\FARCRY 2 + CRACK.torrent
C:\Users\PARENTS\AppData\Roaming\Microsoft\Windows\Recent\Crack_unofficial.drg.lnk
C:\Users\PARENTS\Desktop\ACCESSOIRES\Rapidshare Database Searcher\Rapidshare Database Searcher\keygen.exe
C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me
C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me (tuto2)
C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me daube(tuto1)
C:\Users\PARENTS\Desktop\Hacking\dossier de hack\crack me\crack me daube(tuto1)\readme.txt
C:\Users\PARENTS\Desktop\Hacking\dossier de hack\ollydbg 1.10\CrackGenMe v2.udd
C:\Users\PARENTS\Desktop\Hacking\dossier de hack\ollydbg 1.10\CrackGenMe#2_keyGen_by_rAsM.udd
C:\Users\PARENTS\Desktop\truc a joan\Winrar pro\keygen.exe
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Dose Files\Crack.drg
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Dose Files\Unofficial\Crack_unofficial.drg
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2\ARCHPR.EXE
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2\archpr.log
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2\Fui descargado desde
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2\readme.txt
C:\Users\PARENTS\Downloads\eMule\Incoming\ma musique\Documents\Downloads\crakeur de mdp pour .rar-zip\crackeur nø=2\setup.exe
C:\Users\PARENTS\Favorites\..CRACKWEB...url
C:\Users\PARENTS\Favorites\video Hack MSN Script By Seboss ! By Nicos11 - habbo, hacking, cracking - videos wideo.url

[F:545][D:41]-> C:\Users\PARENTS\AppData\Local\Temp
[F:55][D:1]-> C:\Users\PARENTS\AppData\Roaming\MICROS~1\Windows\Cookies
[F:561][D:4]-> C:\Users\PARENTS\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:398][D:17]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 02/02/2010|20:00 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 02/02/2010|21:43 - Option : [2]

--------------------\\ Fin du rapport a 21:43:18
[ UAC => 1 ]

| Alerter

Répondre à Coks

Destrio5

2 Février 2010 21:08:14

Télécharge SystemLook sur ton Bureau.

Clique droit sur SystemLook.exe et choisis Exécuter en tant qu'administrateur.

Copie-colle le contenu du cadre ci-dessous dans la zone texte de SystemLook :

:dir
C:\ProgramData\Sizeencreal

Clique sur le bouton Look pour démarrer l'examen.

A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.
Note : Le rapport peut aussi être trouvé sur ton Bureau sous le nom SystemLook.txt

| Alerter

Répondre à Destrio5

Coks

3 Février 2010 12:53:29

analyse SystemLook:

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 13:52 on 03/02/2010 by PARENTS (Administrator - Elevation successful)

========== dir ==========

C:\ProgramData\Sizeencreal - Parameters: "(none)"

---Files---
Hope error anti.exe --a--- 442368 bytes [11:07 03/12/2009] [11:07 03/12/2009]

---Folders---
None found.

-=End Of File=-

| Alerter

Répondre à Coks

Destrio5

3 Février 2010 13:51:24

C'est bien un dossier Lop/Swizzor.

Refais un scan RSIT et poste le rapport log.

| Alerter

Répondre à Destrio5

Coks

3 Février 2010 14:29:13

contenu de log.txt:

Logfile of random's system information tool 1.06 (written by random/random)
Run by PARENTS at 2010-02-03 15:27:11
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 60 GB (26%) free of 233 GB
Total RAM: 2046 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:27:30, on 03/02/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Windows\V0420Mon.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\Users\PARENTS\AppData\Local\Clavier+\Clavier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\PARENTS\Desktop\RSIT.exe
C:\Program Files\trend micro\PARENTS.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: LphantBar Toolbar - {6b284373-1765-4464-a587-80fbc2b2eefa} - C:\Program Files\LphantBar\tbLpha.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-8287-79A187E26987} - (no file)
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam2\Steam.exe" -silent
O4 - HKCU\..\Run: [Clavier+] C:\Users\PARENTS\AppData\Local\Clavier+\Clavier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Program Files\Opera\Program\Plugins\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/Gam...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://11lolori11.spaces.live.com/PhotoUpload/VistaMsnP...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe

--
End of file - 12652 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{A31F4002-238A-45B7-A55A-161B716BEBE1}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6b284373-1765-4464-a587-80fbc2b2eefa}]
LphantBar Toolbar - C:\Program Files\LphantBar\tbLpha.dll [2008-09-15 1784856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-02-12 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-02-12 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-02-12 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]
{6b284373-1765-4464-a587-80fbc2b2eefa} - LphantBar Toolbar - C:\Program Files\LphantBar\tbLpha.dll [2008-09-15 1784856]
{A057A204-BACC-4D26-8287-79A187E26987}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-02-12 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"V0420Mon.exe"=C:\Windows\V0420Mon.exe [2007-04-30 32768]
"RegistryMechanic"= []
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-29 4317184]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-05-28 570664]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-24 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2010-01-31 323392]
"Speech Recognition"=C:\Windows\Speech\Common\sapisvr.exe [2008-01-19 49664]
"Steam"=C:\Program Files\Steam2\Steam.exe [2009-10-28 1217808]
"Clavier+"=C:\Users\PARENTS\AppData\Local\Clavier+\Clavier.exe [2007-10-21 88576]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2009-10-09 25623336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Program Files\Opera\Program\Plugins\NPSWF32_FlashUtil.exe [2009-07-18 257440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnumanLive]
C:\Users\PARENTS\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe [2007-10-30 347136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Live! Cam Manager]
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe [2007-06-07 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwhypbpydz]
c:\users\parents\appdata\local\mwhypbpydz.exe mwhypbpydz []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files\Spyware Doctor\SDTrayApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
C:\Program Files\Shareaza\Shareaza.exe -tray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-24 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2009-02-27 542096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
C:\PROGRA~1\Google\GOOGLE~2\GOOGLE~1.EXE [2008-10-10 161264]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\PARENTS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Club Internet.lnk - C:\Program Files\Club-Internet\Lanceur\lanceur.exe
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"RunStartupScriptSync"=1
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"RunStartupScriptSync"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c27af1b-ac0b-11dc-a2d0-001a922cce5e}]
shell\AutoRun\command - L:\usb\run.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4b2f128-51a5-11dc-bd95-806e6f6e6963}]
shell\AutoRun\command - F:\autorun.bat

======List of files/folders created in the last 1 months======

2010-02-02 19:56:48 ----A---- C:\lopR.txt
2010-02-02 19:55:39 ----D---- C:\Lop SD
2010-01-31 20:39:12 ----D---- C:\Program Files\trend micro
2010-01-31 20:39:11 ----D---- C:\rsit
2010-01-31 13:36:20 ----D---- C:\Ad-Remover
2010-01-31 03:00:06 ----D---- C:\Users\PARENTS\AppData\Roaming\Malwarebytes
2010-01-31 02:59:57 ----D---- C:\ProgramData\Malwarebytes
2010-01-31 02:59:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-22 10:56:57 ----A---- C:\Windows\system32\wininet.dll
2010-01-22 10:56:57 ----A---- C:\Windows\system32\occache.dll
2010-01-22 10:56:57 ----A---- C:\Windows\system32\mshtml.dll
2010-01-22 10:56:56 ----A---- C:\Windows\system32\urlmon.dll
2010-01-22 10:56:55 ----A---- C:\Windows\system32\ieframe.dll
2010-01-22 10:56:54 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-22 10:56:54 ----A---- C:\Windows\system32\iertutil.dll
2010-01-22 10:56:54 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-22 10:56:54 ----A---- C:\Windows\system32\ieapfltr.dll
2010-01-22 10:56:53 ----A---- C:\Windows\system32\mstime.dll
2010-01-22 10:56:53 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-22 10:56:53 ----A---- C:\Windows\system32\iepeers.dll
2010-01-22 10:56:53 ----A---- C:\Windows\system32\ieencode.dll
2010-01-22 10:56:53 ----A---- C:\Windows\system32\ieaksie.dll
2010-01-22 10:56:52 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-19 13:56:49 ----D---- C:\Program Files\IDoser v4
2010-01-13 09:49:03 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 09:49:03 ----A---- C:\Windows\system32\fontsub.dll
2010-01-11 13:50:33 ----D---- C:\Users\PARENTS\AppData\Roaming\PhotoFiltre
2010-01-11 13:50:28 ----D---- C:\Program Files\PhotoFiltre
2010-01-11 13:48:27 ----A---- C:\Windows\Instaler Setup Log.txt
2010-01-05 16:39:25 ----D---- C:\Rummy Royal

======List of files/folders modified in the last 1 months======

2010-02-03 15:27:30 ----D---- C:\Windows\TEMP
2010-02-03 15:27:16 ----D---- C:\Windows\Prefetch
2010-02-03 15:24:35 ----D---- C:\Users\PARENTS\AppData\Roaming\DNA
2010-02-03 12:47:21 ----D---- C:\Windows\tracing
2010-02-03 01:36:33 ----SHD---- C:\System Volume Information
2010-02-02 22:25:00 ----D---- C:\Windows\System32
2010-02-02 22:25:00 ----D---- C:\Windows\inf
2010-02-02 22:25:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-02 21:39:44 ----RD---- C:\Program Files
2010-02-02 21:39:44 ----HD---- C:\ProgramData
2010-02-02 21:21:42 ----SHD---- C:\Windows\Installer
2010-02-02 21:21:16 ----D---- C:\Program Files\Google
2010-01-31 16:07:35 ----D---- C:\Program Files\Mozilla Firefox
2010-01-31 13:48:32 ----D---- C:\Program Files\Steam2
2010-01-31 13:48:15 ----D---- C:\Users\PARENTS\AppData\Roaming\OpenOffice.org2
2010-01-31 13:47:07 ----D---- C:\Program Files\DNA
2010-01-31 13:27:30 ----D---- C:\Windows\system32\drivers
2010-01-31 13:26:38 ----D---- C:\Windows\system32\catroot2
2010-01-31 03:09:36 ----D---- C:\Program Files\Internet Explorer
2010-01-31 02:35:13 ----D---- C:\Windows
2010-01-29 10:47:34 ----D---- C:\Windows\system32\Macromed
2010-01-24 17:34:01 ----D---- C:\ProgramData\Sizeencreal
2010-01-23 03:19:10 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-23 03:02:15 ----D---- C:\Windows\winsxs
2010-01-22 23:47:41 ----D---- C:\ProgramData\Messenger Plus!
2010-01-22 10:54:21 ----D---- C:\Windows\system32\catroot
2010-01-21 15:28:59 ----D---- C:\Program Files\Messenger Plus! Live
2010-01-21 03:10:49 ----SHD---- C:\$Recycle.Bin
2010-01-20 15:44:47 ----D---- C:\Users\PARENTS\AppData\Roaming\BitTorrent
2010-01-20 08:00:15 ----D---- C:\Users\PARENTS\AppData\Roaming\skypePM
2010-01-18 23:30:17 ----D---- C:\Users\PARENTS\AppData\Roaming\Skype
2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-14 03:03:34 ----D---- C:\Program Files\Windows Mail
2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-10-15 371248]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2007-12-24 111632]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2006-11-22 34576]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2006-11-22 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2006-11-22 18320]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-02 1668456]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-24 50688]
R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
R3 V0420VID;Live! Cam Vista IM (VF0420); C:\Windows\system32\DRIVERS\V0420Vid.sys [2007-05-31 99648]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2006-11-22 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2006-11-22 44304]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080421.002\IDSvix86.sys []
S1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
S3 ad00qzf1;ad00qzf1; C:\Windows\system32\drivers\ad00qzf1.sys []
S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 BDRsDrv;BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2006-11-22 33936]
S3 catchme;catchme; \??\C:\TRISTAN\catchme.sys []
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-04-05 19712]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2007-04-05 18304]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080421.003\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080421.003\NAVEX15.SYS []
S3 Nokia USB Generic;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2005-10-13 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2005-10-13 12800]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2005-10-13 124928]
S3 PCAMPR4;PCAMPR4 NDIS Protocol Driver; \??\C:\Windows\system32\PCAMPR4.SYS []
S3 PCANDIS4;PCANDIS4 NDIS Protocol Driver; \??\C:\Windows\system32\PCANDIS4.SYS []
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2007-12-25 123952]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-02-18 30464]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 vtany;vtany; \??\C:\Windows\vtany.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 xhunter1;xhunter1; \??\C:\Windows\xhunter1.sys [2009-08-11 50688]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-07-08 103936]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-07-08 103936]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-07-08 103936]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2006-05-11 247808]
S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-10-01 611664]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LexBceS;LexBce Server; C:\Windows\System32\LEXBCES.EXE [2003-08-18 303104]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-12-10 75064]
R2 TeamViewer4;TeamViewer 4; C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe [2009-01-28 185640]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-26 135664]
S2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2007-02-19 47712]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-13 655624]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-12-30 321320]

-----------------EOF-----------------

| Alerter

Répondre à Coks

Destrio5

3 Février 2010 14:43:32

Télécharge OTM (OldTimer) sur ton Bureau.

Clique droit sur OTM.exe et choisis Exécuter en tant qu'administrateur.

Copie (Ctrl+C) le texte suivant ci-dessous :

:processes
explorer.exe

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c27af1b-ac0b-11dc-a2d0-001a922cce5e}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4b2f128-51a5-11dc-bd95-806e6f6e6963}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwhypbpydz]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A057A204-BACC-4D26-8287-79A187E26987}"=-

:files
C:\ProgramData\Sizeencreal

:commands
[emptytemp]
[reboot]

Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

Clique maintenant sur le bouton MoveIt! puis ferme OTM.

---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
---> Le nom du rapport correspond au moment de sa création : date_heure.log

| Alerter

Répondre à Destrio5

Coks

3 Février 2010 15:09:28

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c27af1b-ac0b-11dc-a2d0-001a922cce5e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c27af1b-ac0b-11dc-a2d0-001a922cce5e}\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4b2f128-51a5-11dc-bd95-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4b2f128-51a5-11dc-bd95-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwhypbpydz\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{A057A204-BACC-4D26-8287-79A187E26987} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-8287-79A187E26987}\ not found.
========== FILES ==========
C:\ProgramData\Sizeencreal folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: BENJAMIN
->Temp folder emptied: 2794843 bytes
->Temporary Internet Files folder emptied: 66456808 bytes
->Java cache emptied: 13690324 bytes
->Opera cache emptied: 10137340 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: laurie
->Temp folder emptied: 499875 bytes
->Temporary Internet Files folder emptied: 54101131 bytes

User: PARENTS
->Temp folder emptied: 49791023 bytes
->Temporary Internet Files folder emptied: 6349159 bytes
->Java cache emptied: 79060472 bytes
->FireFox cache emptied: 129738701 bytes
->Google Chrome cache emptied: 9016507 bytes
->Opera cache emptied: 436197433 bytes

User: Public

User: TOKEN
->Temp folder emptied: 46290665 bytes
->Temporary Internet Files folder emptied: 98664236 bytes
->FireFox cache emptied: 11426117 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1966559 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 1984657 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 7620214 bytes
RecycleBin emptied: 724279693 bytes

Total Files Cleaned = 1 669,00 mb

OTM by OldTimer - Version 3.1.7.1 log created on 02032010_155622

Files moved on Reboot...
File move failed. C:\Users\TOKEN\AppData\Local\Temp\hsperfdata_TOKEN\1708 scheduled to be moved on reboot.

Registry entries deleted on Reboot...

| Alerter

Répondre à Coks

Destrio5

3 Février 2010 15:26:43

Plus de souci ?

Mets à jour Java.

Mets à jour Adobe Reader.

| Alerter

Répondre à Destrio5

Coks

3 Février 2010 15:31:17

plus de soucis :bounce:

merci beaucoup simpa de ta part

| Alerter

Répondre à Coks

Destrio5

3 Février 2010 15:39:36

1/

Désinstalle HijackThis.

Télécharge ToolsCleaner2 sur ton Bureau.

Clique droit sur ToolsCleaner2.exe et choisis Exécuter en tant qu'administrateur.

Clique sur Recherche et laisse le scan agir.

Clique sur Suppression pour finaliser.

Tu peux, si tu le souhaites, te servir des Options Facultatives.

Clique sur Quitter pour obtenir le rapport.

Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

2/

Télécharge et installe CCleaner Slim.

Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....

Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.

3/

Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.

==Prévention==

Réactive l'UAC si ce n'est pas déjà fait.

Pour supprimer les popups d'AntiVir : Lien

Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

Par rapport au P2P : Lien

Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien

==Problème résolu ?==

--> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :

Clique, dans ton premier message, sur le bouton Editer

.

Ajoute la mention [Résolu] devant le titre.

Clique ensuite sur Valider votre message.

Sois plus vigilant(e) sur Internet

| Alerter

Répondre à Destrio5

Coks

3 Février 2010 16:18:30

raport tools cleaner2:

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Combofix.txt: trouvé !
C:\lopR.txt: trouvé !
C:\Lop SD: trouvé !
C:\Qoobox: trouvé !
C:\_OTM: trouvé !
C:\Rsit: trouvé !
C:\Ad-remover: trouvé !
C:\Lop SD\catchme.exe: trouvé !
C:\Lop SD\catchme.log: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !
C:\QooBox\Quarantine\catchme.log: trouvé !

| Alerter

Répondre à Coks

Destrio5

3 Février 2010 16:43:23

Tu n'as pas cliqué sur Suppression apparemment.

| Alerter

Répondre à Destrio5

Coks

3 Février 2010 17:45:49

--> Suppression:

C:\Lop SD\catchme.exe: supprimé !
C:\Program Files\trend micro\HijackThis.exe: ERREUR DE SUPPRESSION !!
C:\Combofix.txt: ERREUR DE SUPPRESSION !!
C:\lopR.txt: ERREUR DE SUPPRESSION !!
C:\Lop SD\catchme.log: supprimé !
C:\Program Files\trend micro\hijackthis.log: ERREUR DE SUPPRESSION !!
C:\QooBox\Quarantine\catchme.log: supprimé !
C:\Lop SD: supprimé !
C:\Qoobox: ERREUR DE SUPPRESSION !!
C:\_OTM: supprimé !
C:\Rsit: supprimé !
C:\Ad-remover: supprimé !

| Alerter

Répondre à Coks

Destrio5

3 Février 2010 17:48:02

Tu peux supprimer ToolsCleaner.

| Alerter

Répondre à Destrio5

Tom's guide dans le monde