Posez votre question Format imprimable Liste des forums Aidez-les Statistiques Rechercher Charte Forum Virus-Sécurité

Systeme32 vcrt80:exe

Dernière réponse le 20 avr 2009 à 17:22:38 bouchamal, le 20 avr 2009 à 01:11:47

Signaler ce message aux modérateurs

Bonjour,
systeme32 vcrt80:exe.est ce un virus? si oui comment le suprimer?

Configuration: Windows XP
Firefox 3.0.8

Meilleures réponses pour « systeme32 vcrt80:exe » dans :

Pb avec windows systeme 32 Voir

J ai un probleme avec mon systeme 32 Voir

Systéme 32 effacé sous vista Voir

[Windows] Erreur de chargement RunDLL (rundll32.exe) Voir

32 ou 64 bits - Comment savoir ? VoirVous voulez savoir si votre Windows est en 32 ou 64 bits ? Méthode 1 Méthode 2 Méthode 3 (Vista et 7) Méthode 1 Démarrer Exécuter Saisir winver puis OK. Regarder dans le bandeau en haut de la fenêtre. S’il n’est pas mentionné...

Probleme demarage systeme 32/Hal.dll Voir

Cherche a télécharger System32.exe Voir

Windows systeme 32 scopedell.exe Voir

Posez votre question Répondre

V-X, le 20 avr 2009 à 01:13:22

Salut,

On peut vérifier sa si tu le désire:

▶ Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.

▶ Double clique sur RSIT.exe pour lancer l'outil.

▶ Clique sur ' continue ' à l'écran Disclaimer.

▶ Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.

▶ Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports séparément.
( log.txt & info.txt )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.

l'alcool tue lentement ,on s'en fout on est pas presser......

Répondre à V-X

bouchamal, le 20 avr 2009 à 02:26:25

Salut,
j'ai suivis tes conseils. mais sans resultats.que dois je faire?
merci.

Répondre à bouchamal

V-X, le 20 avr 2009 à 02:41:15

Re,

Poste moi les deux rapports

merci l'alcool tue lentement ,on s'en fout on est pas presser......

Répondre à V-X

bouchamal, le 20 avr 2009 à 02:58:32

Info.txt logfile of random's system information tool 1.06 2009-04-19 23:18:48

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ASUS WiFi-AP Solo-->C:\Program Files\InstallShield Installation Information\{295941F1-484E-4C23-B43C-7EFDC3E6DF43}\Setup.exe -runfromtemp -l0x0009 -removeonly
Attansic L1 Gigabit Ethernet Driver-->rundll32.exe C:\WINDOWS\system32\Attansic\L1\atcInst.dll,AtcUninst C:\WINDOWS\system32\Attansic\L1 x86 1969 1048 L1
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Barre d'outils MSN-->C:\Program Files\MSN Toolbar\01.01.2607.0\fr\mtbs.exe c
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
enhanced keyboard driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79C25975-740E-436E-9327-C164831ADCE7}\setup.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
General Module-->MsiExec.exe /X{F80DDFFD-D030-4CCC-AF03-BD8EEE5E20ED}
GOM Player-->"C:\Documents and Settings\abd\Bureau\GomPlayer\Uninstall.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Internet Download Manager-->C:\Program Files\Internet Download Manager\Uninstall.exe
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
MediaBar 2.0-->C:\Program Files\Shareaza Applications\Shareaza MediaBar\Uninstall.exe
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mobile Connect-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}\setup.exe" -l0x9 -removeonly
Modem LG LDU-1900D-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{43DB077F-C85F-42CC-8302-17CBEE4A6BC6}\setup.exe" -l0x40c -removeonly
Mozilla Firefox (3.0.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Multimedia Keyboard Driver-->C:\PROGRA~1\MULTIK~1\UNWISE.EXE C:\PROGRA~1\MULTIK~1\INSTALL.LOG
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
PDFCreator Toolbar-->"C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_7468.exe" _?=C:\Program Files\PDFCreator Toolbar
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Visual Task Tips 2.3-->C:\Program Files\VisualTaskTips\uninst.exe
Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

======Security center information======

AV: avast! antivirus 4.8.1229 [VPS 090419-0]

======System event log======

Computer Name: UNICORNI-6442BC
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP.

Record Number: 15459
Source Name: Service Control Manager
Time Written: 20090405234041.000000+000
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: UNICORNI-6442BC
Event Code: 7036
Message: Le service Explorateur d'ordinateur est entré dans l'état : arrêté.

Record Number: 15458
Source Name: Service Control Manager
Time Written: 20090405234036.000000+000
Event Type: Informations
User:

Computer Name: UNICORNI-6442BC
Event Code: 7036
Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.

Record Number: 15457
Source Name: Service Control Manager
Time Written: 20090405234036.000000+000
Event Type: Informations
User:

Computer Name: UNICORNI-6442BC
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexions d'accès distant.

Record Number: 15456
Source Name: Service Control Manager
Time Written: 20090405234036.000000+000
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: UNICORNI-6442BC
Event Code: 7036
Message: Le service Téléphonie est entré dans l'état : en cours d'exécution.

Record Number: 15455
Source Name: Service Control Manager
Time Written: 20090405234036.000000+000
Event Type: Informations
User:

=====Application event log=====

Computer Name: UNICORNI-6442BC
Event Code: 101
Message: wuauclt (2660) Le moteur de base de données est arrêté.

Record Number: 264
Source Name: ESENT
Time Written: 20080821121818.000000+000
Event Type: Informations
User:

Computer Name: UNICORNI-6442BC
Event Code: 103
Message: wuaueng.dll (2660) SUS20ClientDataStore: Le moteur de base de données a arrêté une instance (0).

Record Number: 263
Source Name: ESENT
Time Written: 20080821121818.000000+000
Event Type: Informations
User:

Computer Name: UNICORNI-6442BC
Event Code: 102
Message: wuaueng.dll (2660) SUS20ClientDataStore: Le moteur de base de données a démarré une nouvelle instance (0).

Record Number: 262
Source Name: ESENT
Time Written: 20080821121317.000000+000
Event Type: Informations
User:

Computer Name: UNICORNI-6442BC
Event Code: 100
Message: wuauclt (2660) Le moteur de base de données 5.01.2600.2180 est démarré.

Record Number: 261
Source Name: ESENT
Time Written: 20080821121317.000000+000
Event Type: Informations
User:

Computer Name: UNICORNI-6442BC
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 260
Source Name: SecurityCenter
Time Written: 20080821121231.000000+000
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=0605
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by b.ounsy@hotmail.com at 2009-04-19 23:18:23
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 68 GB (86%) free of 80 GB
Total RAM: 503 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:44, on 19/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Winamp\Winampa.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe
C:\Program Files\EnhanceKeyboard\kb_2k.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\IEUM.exe
C:\Documents and Settings\b.ounsy@hotmail.com\Mes documents\Downloads\Programs\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\b.ounsy@hotmail.com.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ycomp/defaults/sb/*http://fr.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wana.ma
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AWWFSPU] "C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe" -nogui
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [vcrt80.dll] C:\WINDOWS\system32:vcrt80.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [REVAService] C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [Software Informer] C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe -autorun
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: enhanced keyboard driver.lnk = ?
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O17 - HKLM\System\CCS\Services\Tcpip\..\{401E5AC0-9102-4FCC-8440-CB3533D3B9AD}: NameServer = 192.168.50.55 196.12.209.5
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
End of file - 10198 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Antivirus.job
C:\WINDOWS\tasks\Clavier visuel.job
C:\WINDOWS\tasks\Dame de Pique.job
C:\WINDOWS\tasks\Mozilla Firefox.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2009-04-02 169392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-18 1082880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-12 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-19 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-12-27 806912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-03-12 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]
UrlHelper Class - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll [2008-09-02 398784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
{196C3A46-4758-433D-A600-802C804AF39C} - Shareaza MediaBar - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll [2008-09-02 529856]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-12-27 806912]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-12 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-15 2879488]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-12-17 16062464]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-02 69632]
"AWWFSPU"=C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe [2006-12-18 712781]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2006-08-15 98304]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2006-08-15 114688]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2006-08-15 94208]
"WinampAgent"=C:\Program Files\Winamp\Winampa.exe [2001-10-01 10752]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"vcrt80.dll"=C:\WINDOWS\system32:vcrt80.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"REVAService"=C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe [2008-12-02 23040]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-12 39408]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2009-04-03 2794928]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-03 1667584]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2008-12-21 2250256]
"Software Informer"=C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe [2008-11-21 1359941]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
enhanced keyboard driver.lnk - C:\Program Files\EnhanceKeyboard\kb_2k.exe

C:\Documents and Settings\b.ounsy@hotmail.com\Menu Démarrer\Programmes\Démarrage
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-08-15 155648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44636cac-0f46-11de-8149-0015af19af11}]
shell\AutoRun\command - E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\Perfume.exe
shell\open\command - E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\Perfume.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a2198ce-2066-11de-8167-0015af19af11}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a2198cf-2066-11de-8167-0015af19af11}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9d0ac216-0b35-11de-8143-0015af19af11}]
shell\AutoRun\command - E:\SWLauncher.exe

======List of files/folders created in the last 1 months======

2009-04-19 23:18:24 ----D---- C:\Program Files\trend micro
2009-04-19 23:18:23 ----D---- C:\rsit
2009-04-19 22:34:36 ----RSHD---- C:\BIN
2009-04-19 21:04:49 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-04-19 21:04:43 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-04-19 21:04:37 ----D---- C:\Program Files\Spyware Doctor
2009-04-19 20:51:03 ----A---- C:\WINDOWS\wininit.ini
2009-04-19 19:26:23 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\IObit
2009-04-17 00:07:50 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Software Informer
2009-04-16 12:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-04-16 12:28:18 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-15 23:52:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-04-15 00:12:33 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-04-10 15:38:12 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-04-10 15:38:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-04-10 15:37:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-04-08 19:38:14 ----RSHD---- C:\Driver
2009-04-07 22:20:33 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-04-07 22:19:23 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-04-07 22:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-04-06 20:41:13 ----D---- C:\WINDOWS\system32\NtmsData
2009-04-05 23:22:51 ----RSHD---- C:\SYSTEM
2009-04-03 19:08:27 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\wmdmps.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\wmdmlog.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\mswmdm.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\CEWMDM.dll
2009-04-03 19:04:20 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-04-03 19:04:11 ----D---- C:\WINDOWS\RegisteredPackages
2009-04-03 15:47:33 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #4.txt
2009-04-03 14:29:57 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\WinRAR
2009-04-03 14:29:37 ----D---- C:\Program Files\WinRAR
2009-04-03 13:24:14 ----A---- C:\WINDOWS\system32\idmmbc.dll
2009-04-03 12:18:47 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\OpenOffice.org
2009-04-03 12:16:44 ----D---- C:\Program Files\JRE
2009-04-03 12:16:35 ----D---- C:\Program Files\OpenOffice.org 3
2009-04-03 12:16:20 ----A---- C:\WINDOWS\system32\javaws.exe
2009-04-03 12:16:20 ----A---- C:\WINDOWS\system32\javaw.exe
2009-04-03 12:16:19 ----A---- C:\WINDOWS\system32\java.exe
2009-04-03 12:15:43 ----D---- C:\Program Files\Java
2009-04-03 12:15:38 ----D---- C:\Program Files\Fichiers communs\Java
2009-04-03 12:15:23 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Sun
2009-04-02 23:33:28 ----A---- C:\WINDOWS\system32\wshirda.dll
2009-04-02 23:33:28 ----A---- C:\WINDOWS\system32\irmon.dll
2009-04-02 23:33:28 ----A---- C:\WINDOWS\system32\irftp.exe
2009-04-02 01:13:48 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\skypePM
2009-04-01 11:41:06 ----RA---- C:\WINDOWS\system32\Memorybar.exe
2009-04-01 11:18:14 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Macromedia
2009-03-30 23:29:36 ----A---- C:\WINDOWS\winamp.ini
2009-03-30 23:29:29 ----D---- C:\Program Files\Winamp
2009-03-23 21:07:57 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\IDM
2009-03-23 21:07:57 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\DMCache
2009-03-23 21:07:10 ----D---- C:\Program Files\Internet Download Manager
2009-03-22 22:38:28 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Skype
2009-03-22 20:26:49 ----HD---- C:\WINDOWS\PIF
2009-03-22 15:51:19 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\dvdcss
2009-03-20 19:32:49 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Yahoo!
2009-03-20 19:32:46 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Google
2009-03-20 19:21:49 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Adobe

======List of files/folders modified in the last 1 months======

2009-04-19 23:18:24 ----RD---- C:\Program Files
2009-04-19 23:18:20 ----D---- C:\WINDOWS\Prefetch
2009-04-19 23:17:11 ----A---- C:\WINDOWS\ModemLog_LGE EVDOM USB Modem.txt
2009-04-19 22:38:11 ----D---- C:\Program Files\Mozilla Firefox
2009-04-19 22:37:07 ----D---- C:\WINDOWS\Temp
2009-04-19 22:37:02 ----D---- C:\WINDOWS\system32\drivers
2009-04-19 22:25:25 ----D---- C:\WINDOWS
2009-04-19 21:04:43 ----D---- C:\Program Files\Fichiers communs
2009-04-19 20:04:45 ----HD---- C:\WINDOWS\inf
2009-04-19 19:56:01 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-19 19:32:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-19 19:26:30 ----AD---- C:\WINDOWS\system32
2009-04-19 19:26:23 ----D---- C:\WINDOWS\system32\wbem
2009-04-19 19:26:23 ----D---- C:\Config.Msi
2009-04-19 19:26:07 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-17 00:14:41 ----A---- C:\WINDOWS\imsins.BAK
2009-04-17 00:09:11 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-16 23:39:58 ----D---- C:\WINDOWS\system32\config
2009-04-16 23:39:42 ----D---- C:\WINDOWS\Registration
2009-04-16 12:28:10 ----HD---- C:\WINDOWS\$hf_mig$
2009-04-16 10:35:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-04-15 23:53:35 ----SHD---- C:\WINDOWS\Installer
2009-04-15 11:16:58 ----SD---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Microsoft
2009-04-15 10:08:12 ----D---- C:\WINDOWS\AppPatch
2009-04-08 16:51:49 ----D---- C:\Program Files\Microsoft Silverlight
2009-04-07 22:18:31 ----D---- C:\Program Files\Internet Explorer
2009-04-07 22:17:57 ----D---- C:\WINDOWS\ie7updates
2009-04-07 20:37:51 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-04-06 20:41:13 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-04-04 19:25:53 ----SD---- C:\WINDOWS\Tasks
2009-04-04 00:49:14 ----D---- C:\WINDOWS\security
2009-04-03 19:08:31 ----D---- C:\Program Files\Windows Media Player
2009-04-03 12:18:07 ----RSD---- C:\WINDOWS\assembly
2009-04-03 12:16:58 ----RSD---- C:\WINDOWS\Fonts
2009-04-02 01:16:18 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-03-25 19:58:35 ----D---- C:\WINDOWS\system32\appmgmt
2009-03-22 20:59:27 ----D---- C:\WINDOWS\Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 40320]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R3 AR2425;AzureWave AR5006 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\aw5006.sys [2006-12-18 556832]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-10-31 35840]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2006-08-15 1109568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-12-20 4405248]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 UsbEvdomAtc;LGE EVDOM USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgevdomatc.sys [2008-08-26 19840]
R3 usbevdombus;LGE EVDOM Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgevdombus.sys [2008-08-26 13696]
R3 UsbEvdomDiag;LGE EVDOM USB Serial DM Port; C:\WINDOWS\system32\DRIVERS\lgevdomdiag.sys [2008-08-26 19840]
R3 USBEVDOmModem;LGE EVDOM USB Modem; C:\WINDOWS\system32\DRIVERS\lgevdommodem.sys [2008-08-26 21632]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R4 PCTCore;PCTools KDS; C:\WINDOWS\system32\drivers\PCTCore.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 GUCI_AVS;USB2.0 VGA Video Device; C:\WINDOWS\system32\DRIVERS\GUCI_AVS.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-05-14 100992]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys []
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\cmusbser.sys [2007-10-16 97408]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-12 137200]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

Répondre à bouchamal

bouchamal, le 20 avr 2009 à 02:59:16

23:34 19/04/2009Logfile of random's system information tool 1.06 (written by random/random)
Run by b.ounsy@hotmail.com at 2009-04-19 23:18:23
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 68 GB (86%) free of 80 GB
Total RAM: 503 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:44, on 19/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Winamp\Winampa.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe
C:\Program Files\EnhanceKeyboard\kb_2k.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\IEUM.exe
C:\Documents and Settings\b.ounsy@hotmail.com\Mes documents\Downloads\Programs\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\b.ounsy@hotmail.com.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ycomp/defaults/sb/*http://fr.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wana.ma
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AWWFSPU] "C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe" -nogui
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [vcrt80.dll] C:\WINDOWS\system32:vcrt80.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [REVAService] C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [Software Informer] C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe -autorun
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: enhanced keyboard driver.lnk = ?
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O17 - HKLM\System\CCS\Services\Tcpip\..\{401E5AC0-9102-4FCC-8440-CB3533D3B9AD}: NameServer = 192.168.50.55 196.12.209.5
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
End of file - 10198 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Antivirus.job
C:\WINDOWS\tasks\Clavier visuel.job
C:\WINDOWS\tasks\Dame de Pique.job
C:\WINDOWS\tasks\Mozilla Firefox.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2009-04-02 169392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-18 1082880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-12 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-19 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-12-27 806912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-03-12 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]
UrlHelper Class - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll [2008-09-02 398784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
{196C3A46-4758-433D-A600-802C804AF39C} - Shareaza MediaBar - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll [2008-09-02 529856]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-12-27 806912]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-12 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-15 2879488]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-12-17 16062464]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-02 69632]
"AWWFSPU"=C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe [2006-12-18 712781]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2006-08-15 98304]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2006-08-15 114688]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2006-08-15 94208]
"WinampAgent"=C:\Program Files\Winamp\Winampa.exe [2001-10-01 10752]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"vcrt80.dll"=C:\WINDOWS\system32:vcrt80.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"REVAService"=C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe [2008-12-02 23040]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-12 39408]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2009-04-03 2794928]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-03 1667584]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2008-12-21 2250256]
"Software Informer"=C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe [2008-11-21 1359941]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
enhanced keyboard driver.lnk - C:\Program Files\EnhanceKeyboard\kb_2k.exe

C:\Documents and Settings\b.ounsy@hotmail.com\Menu Démarrer\Programmes\Démarrage
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-08-15 155648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44636cac-0f46-11de-8149-0015af19af11}]
shell\AutoRun\command - E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\Perfume.exe
shell\open\command - E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\Perfume.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a2198ce-2066-11de-8167-0015af19af11}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a2198cf-2066-11de-8167-0015af19af11}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9d0ac216-0b35-11de-8143-0015af19af11}]
shell\AutoRun\command - E:\SWLauncher.exe

======List of files/folders created in the last 1 months======

2009-04-19 23:18:24 ----D---- C:\Program Files\trend micro
2009-04-19 23:18:23 ----D---- C:\rsit
2009-04-19 22:34:36 ----RSHD---- C:\BIN
2009-04-19 21:04:49 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-04-19 21:04:43 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-04-19 21:04:37 ----D---- C:\Program Files\Spyware Doctor
2009-04-19 20:51:03 ----A---- C:\WINDOWS\wininit.ini
2009-04-19 19:26:23 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\IObit
2009-04-17 00:07:50 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Software Informer
2009-04-16 12:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-04-16 12:28:18 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-15 23:52:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-04-15 00:12:33 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-04-10 15:38:12 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-04-10 15:38:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-04-10 15:37:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-04-08 19:38:14 ----RSHD---- C:\Driver
2009-04-07 22:20:33 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-04-07 22:19:23 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-04-07 22:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-04-06 20:41:13 ----D---- C:\WINDOWS\system32\NtmsData
2009-04-05 23:22:51 ----RSHD---- C:\SYSTEM
2009-04-03 19:08:27 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\wmdmps.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\wmdmlog.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\mswmdm.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\CEWMDM.dll
2009-04-03 19:04:20 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-04-03 19:04:11 ----D---- C:\WINDOWS\RegisteredPackages
2009-04-03 15:47:33 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #4.txt
2009-04-03 14:29:57 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\WinRAR
2009-04-03 14:29:37 ----D---- C:\Program Files\WinRAR
2009-04-03 13:24:14 ----A---- C:\WINDOWS\system32\idmmbc.dll
2009-04-03 12:18:47 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\OpenOffice.org
2009-04-03 12:16:44 ----D---- C:\Program Files\JRE
2009-04-03 12:16:35 ----D---- C:\Program Files\OpenOffice.org 3
2009-04-03 12:16:20 ----A---- C:\WINDOWS\system32\javaws.exe
2009-04-03 12:16:20 ----A---- C:\WINDOWS\system32\javaw.exe
2009-04-03 12:16:19 ----A---- C:\WINDOWS\system32\java.exe
2009-04-03 12:15:43 ----D---- C:\Program Files\Java
2009-04-03 12:15:38 ----D---- C:\Program Files\Fichiers communs\Java
2009-04-03 12:15:23 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Sun
2009-04-02 23:33:28 ----A---- C:\WINDOWS\system32\wshirda.dll
2009-04-02 23:33:28 ----A---- C:\WINDOWS\system32\irmon.dll
2009-04-02 23:33:28 ----A---- C:\WINDOWS\system32\irftp.exe
2009-04-02 01:13:48 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\skypePM
2009-04-01 11:41:06 ----RA---- C:\WINDOWS\system32\Memorybar.exe
2009-04-01 11:18:14 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Macromedia
2009-03-30 23:29:36 ----A---- C:\WINDOWS\winamp.ini
2009-03-30 23:29:29 ----D---- C:\Program Files\Winamp
2009-03-23 21:07:57 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\IDM
2009-03-23 21:07:57 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\DMCache
2009-03-23 21:07:10 ----D---- C:\Program Files\Internet Download Manager
2009-03-22 22:38:28 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Skype
2009-03-22 20:26:49 ----HD---- C:\WINDOWS\PIF
2009-03-22 15:51:19 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\dvdcss
2009-03-20 19:32:49 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Yahoo!
2009-03-20 19:32:46 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Google
2009-03-20 19:21:49 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Adobe

======List of files/folders modified in the last 1 months======

2009-04-19 23:18:24 ----RD---- C:\Program Files
2009-04-19 23:18:20 ----D---- C:\WINDOWS\Prefetch
2009-04-19 23:17:11 ----A---- C:\WINDOWS\ModemLog_LGE EVDOM USB Modem.txt
2009-04-19 22:38:11 ----D---- C:\Program Files\Mozilla Firefox
2009-04-19 22:37:07 ----D---- C:\WINDOWS\Temp
2009-04-19 22:37:02 ----D---- C:\WINDOWS\system32\drivers
2009-04-19 22:25:25 ----D---- C:\WINDOWS
2009-04-19 21:04:43 ----D---- C:\Program Files\Fichiers communs
2009-04-19 20:04:45 ----HD---- C:\WINDOWS\inf
2009-04-19 19:56:01 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-19 19:32:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-19 19:26:30 ----AD---- C:\WINDOWS\system32
2009-04-19 19:26:23 ----D---- C:\WINDOWS\system32\wbem
2009-04-19 19:26:23 ----D---- C:\Config.Msi
2009-04-19 19:26:07 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-17 00:14:41 ----A---- C:\WINDOWS\imsins.BAK
2009-04-17 00:09:11 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-16 23:39:58 ----D---- C:\WINDOWS\system32\config
2009-04-16 23:39:42 ----D---- C:\WINDOWS\Registration
2009-04-16 12:28:10 ----HD---- C:\WINDOWS\$hf_mig$
2009-04-16 10:35:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-04-15 23:53:35 ----SHD---- C:\WINDOWS\Installer
2009-04-15 11:16:58 ----SD---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Microsoft
2009-04-15 10:08:12 ----D---- C:\WINDOWS\AppPatch
2009-04-08 16:51:49 ----D---- C:\Program Files\Microsoft Silverlight
2009-04-07 22:18:31 ----D---- C:\Program Files\Internet Explorer
2009-04-07 22:17:57 ----D---- C:\WINDOWS\ie7updates
2009-04-07 20:37:51 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-04-06 20:41:13 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-04-04 19:25:53 ----SD---- C:\WINDOWS\Tasks
2009-04-04 00:49:14 ----D---- C:\WINDOWS\security
2009-04-03 19:08:31 ----D---- C:\Program Files\Windows Media Player
2009-04-03 12:18:07 ----RSD---- C:\WINDOWS\assembly
2009-04-03 12:16:58 ----RSD---- C:\WINDOWS\Fonts
2009-04-02 01:16:18 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-03-25 19:58:35 ----D---- C:\WINDOWS\system32\appmgmt
2009-03-22 20:59:27 ----D---- C:\WINDOWS\Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 40320]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R3 AR2425;AzureWave AR5006 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\aw5006.sys [2006-12-18 556832]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-10-31 35840]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2006-08-15 1109568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-12-20 4405248]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 UsbEvdomAtc;LGE EVDOM USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgevdomatc.sys [2008-08-26 19840]
R3 usbevdombus;LGE EVDOM Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgevdombus.sys [2008-08-26 13696]
R3 UsbEvdomDiag;LGE EVDOM USB Serial DM Port; C:\WINDOWS\system32\DRIVERS\lgevdomdiag.sys [2008-08-26 19840]
R3 USBEVDOmModem;LGE EVDOM USB Modem; C:\WINDOWS\system32\DRIVERS\lgevdommodem.sys [2008-08-26 21632]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R4 PCTCore;PCTools KDS; C:\WINDOWS\system32\drivers\PCTCore.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 GUCI_AVS;USB2.0 VGA Video Device; C:\WINDOWS\system32\DRIVERS\GUCI_AVS.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-05-14 100992]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys []
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\cmusbser.sys [2007-10-16 97408]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-12 137200]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by b.ounsy@hotmail.com at 2009-04-19 23:18:23
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 68 GB (86%) free of 80 GB
Total RAM: 503 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:44, on 19/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Winamp\Winampa.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe
C:\Program Files\EnhanceKeyboard\kb_2k.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\IEUM.exe
C:\Documents and Settings\b.ounsy@hotmail.com\Mes documents\Downloads\Programs\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\b.ounsy@hotmail.com.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = *
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = *
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AWWFSPU] "C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe" -nogui
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [vcrt80.dll] C:\WINDOWS\system32:vcrt80.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [REVAService] C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [Software Informer] C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe -autorun
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: enhanced keyboard driver.lnk = ?
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=
O17 - HKLM\System\CCS\Services\Tcpip\..\{401E5AC0-9102-4FCC-8440-CB3533D3B9AD}: NameServer = 192.168.50.55 196.12.209.5
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

--
End of file - 10198 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Antivirus.job
C:\WINDOWS\tasks\Clavier visuel.job
C:\WINDOWS\tasks\Dame de Pique.job
C:\WINDOWS\tasks\Mozilla Firefox.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2009-04-02 169392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-18 1082880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-12 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-19 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-12-27 806912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-03-12 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]
UrlHelper Class - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll [2008-09-02 398784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
{196C3A46-4758-433D-A600-802C804AF39C} - Shareaza MediaBar - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll [2008-09-02 529856]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-12-27 806912]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-12 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-15 2879488]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-12-17 16062464]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-02 69632]
"AWWFSPU"=C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe [2006-12-18 712781]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2006-08-15 98304]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2006-08-15 114688]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2006-08-15 94208]
"WinampAgent"=C:\Program Files\Winamp\Winampa.exe [2001-10-01 10752]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"vcrt80.dll"=C:\WINDOWS\system32:vcrt80.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"REVAService"=C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe [2008-12-02 23040]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-12 39408]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2009-04-03 2794928]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-03 1667584]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2008-12-21 2250256]
"Software Informer"=C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe [2008-11-21 1359941]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
enhanced keyboard driver.lnk - C:\Program Files\EnhanceKeyboard\kb_2k.exe

C:\Documents and Settings\b.ounsy@hotmail.com\Menu Démarrer\Programmes\Démarrage
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-08-15 155648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44636cac-0f46-11de-8149-0015af19af11}]
shell\AutoRun\command - E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\Perfume.exe
shell\open\command - E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\Perfume.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a2198ce-2066-11de-8167-0015af19af11}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a2198cf-2066-11de-8167-0015af19af11}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9d0ac216-0b35-11de-8143-0015af19af11}]
shell\AutoRun\command - E:\SWLauncher.exe

======List of files/folders created in the last 1 months======

2009-04-19 23:18:24 ----D---- C:\Program Files\trend micro
2009-04-19 23:18:23 ----D---- C:\rsit
2009-04-19 22:34:36 ----RSHD---- C:\BIN
2009-04-19 21:04:49 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-04-19 21:04:43 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-04-19 21:04:37 ----D---- C:\Program Files\Spyware Doctor
2009-04-19 20:51:03 ----A---- C:\WINDOWS\wininit.ini
2009-04-19 19:26:23 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\IObit
2009-04-17 00:07:50 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Software Informer
2009-04-16 12:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-04-16 12:28:18 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-15 23:52:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-04-15 00:12:33 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-04-10 15:38:12 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-04-10 15:38:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-04-10 15:37:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-04-08 19:38:14 ----RSHD---- C:\Driver
2009-04-07 22:20:33 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-04-07 22:19:23 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-04-07 22:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-04-06 20:41:13 ----D---- C:\WINDOWS\system32\NtmsData
2009-04-05 23:22:51 ----RSHD---- C:\SYSTEM
2009-04-03 19:08:27 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\wmdmps.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\wmdmlog.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\mswmdm.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\CEWMDM.dll
2009-04-03 19:04:20 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-04-03 19:04:11 ----D---- C:\WINDOWS\RegisteredPackages
2009-04-03 15:47:33 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #4.txt
2009-04-03 14:29:57 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\WinRAR
2009-04-03 14:29:37 ----D---- C:\Program Files\WinRAR
2009-04-03 13:24:14 ----A---- C:\WINDOWS\system32\idmmbc.dll
2009-04-03 12:18:47 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\OpenOffice.org
2009-04-03 12:16:44 ----D---- C:\Program Files\JRE
2009-04-03 12:16:35 ----D---- C:\Program Files\OpenOffice.org 3
2009-04-03 12:16:20 ----A---- C:\WINDOWS\system32\javaws.exe
2009-04-03 12:16:20 ----A---- C:\WINDOWS\system32\javaw.exe
2009-04-03 12:16:19 ----A---- C:\WINDOWS\system32\java.exe
2009-04-03 12:15:43 ----D---- C:\Program Files\Java
2009-04-03 12:15:38 ----D---- C:\Program Files\Fichiers communs\Java
2009-04-03 12:15:23 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Sun
2009-04-02 23:33:28 ----A---- C:\WINDOWS\system32\wshirda.dll
2009-04-02 23:33:28 ----A---- C:\WINDOWS\system32\irmon.dll
2009-04-02 23:33:28 ----A---- C:\WINDOWS\system32\irftp.exe
2009-04-02 01:13:48 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\skypePM
2009-04-01 11:41:06 ----RA---- C:\WINDOWS\system32\Memorybar.exe
2009-04-01 11:18:14 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Macromedia
2009-03-30 23:29:36 ----A---- C:\WINDOWS\winamp.ini
2009-03-30 23:29:29 ----D---- C:\Program Files\Winamp
2009-03-23 21:07:57 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\IDM
2009-03-23 21:07:57 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\DMCache
2009-03-23 21:07:10 ----D---- C:\Program Files\Internet Download Manager
2009-03-22 22:38:28 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Skype
2009-03-22 20:26:49 ----HD---- C:\WINDOWS\PIF
2009-03-22 15:51:19 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\dvdcss
2009-03-20 19:32:49 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Yahoo!
2009-03-20 19:32:46 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Google
2009-03-20 19:21:49 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Adobe

======List of files/folders modified in the last 1 months======

2009-04-19 23:18:24 ----RD---- C:\Program Files
2009-04-19 23:18:20 ----D---- C:\WINDOWS\Prefetch
2009-04-19 23:17:11 ----A---- C:\WINDOWS\ModemLog_LGE EVDOM USB Modem.txt
2009-04-19 22:38:11 ----D---- C:\Program Files\Mozilla Firefox
2009-04-19 22:37:07 ----D---- C:\WINDOWS\Temp
2009-04-19 22:37:02 ----D---- C:\WINDOWS\system32\drivers
2009-04-19 22:25:25 ----D---- C:\WINDOWS
2009-04-19 21:04:43 ----D---- C:\Program Files\Fichiers communs
2009-04-19 20:04:45 ----HD---- C:\WINDOWS\inf
2009-04-19 19:56:01 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-19 19:32:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-19 19:26:30 ----AD---- C:\WINDOWS\system32
2009-04-19 19:26:23 ----D---- C:\WINDOWS\system32\wbem
2009-04-19 19:26:23 ----D---- C:\Config.Msi
2009-04-19 19:26:07 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-17 00:14:41 ----A---- C:\WINDOWS\imsins.BAK
2009-04-17 00:09:11 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-16 23:39:58 ----D---- C:\WINDOWS\system32\config
2009-04-16 23:39:42 ----D---- C:\WINDOWS\Re

Répondre à bouchamal

V-X, le 20 avr 2009 à 03:06:42

Re,

▶ Telecharge et install UsbFix de C_XX & Chiquitine29

▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

▶ Double clic sur le raccourci UsbFix présent sur ton bureau .

▶ Choisi l option 1 ( Recherche )

▶ Laisse travailler l outil.

▶ Ensuite post le rapport UsbFix.txt qui apparaitra.

▶ Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
l'alcool tue lentement ,on s'en fout on est pas presser......

Répondre à V-X

bouchamal, le 20 avr 2009 à 03:35:58

############################## [ UsbFix V3.010 ]

# User : b.ounsy@hotmail.com (Administrateurs) # UNICORNI-6442BC
# Update on 19/04/09 by C_XX & Chiquitine29
# Start at: 01:31:01 | 20/04/2009
# Website : http://pagesperso-orange.fr/FindyKill.Ad.Remover/

# Intel(R) Pentium(R) D CPU 3.00GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Enabled
# AV : avast! antivirus 4.8.1229 [VPS 090419-0] 4.8.1229 [ Enabled | Updated ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 78,13 Go (66,79 Go free) # NTFS
# D:\ # Disque fixe local # 70,91 Go (70,22 Go free) # NTFS
# F:\ # Disque amovible # 1,99 Go (1,99 Go free) # FAT
# I:\ # Disque CD-ROM

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Winamp\Winampa.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe
C:\Program Files\EnhanceKeyboard\kb_2k.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\IEUM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Registre # Startup ]

HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com"
HKCU_Main: "Start Page"="http://www.wana.ma"
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_logon: "DefaultUserName"="b.ounsy@hotmail.com"
HKLM_logon: "AltDefaultUserName"="b.ounsy@hotmail.com"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: SkyTel=SkyTel.EXE
HKLM_Run: RTHDCPL=RTHDCPL.EXE
HKLM_Run: Alcmtr=ALCMTR.EXE
HKLM_Run: AWWFSPU="C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe" -nogui
HKLM_Run: avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HKLM_Run: IgfxTray=C:\WINDOWS\system32\igfxtray.exe
HKLM_Run: HotKeysCmds=C:\WINDOWS\system32\hkcmd.exe
HKLM_Run: Persistence=C:\WINDOWS\system32\igfxpers.exe
HKLM_Run: WinampAgent="C:\Program Files\Winamp\Winampa.exe"
HKLM_Run: BluetoothAuthenticationAgent=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
HKLM_Run: vcrt80.dll=C:\WINDOWS\system32:vcrt80.exe
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
HKCU_Run: REVAService=C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe
HKCU_Run: swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKCU_Run: IDMan=C:\Program Files\Internet Download Manager\IDMan.exe /onboot
HKCU_Run: msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKCU_Run: MSMSGS="C:\Program Files\Messenger\msmsgs.exe" /background
HKCU_Run: Advanced SystemCare 3="C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
HKCU_Run: Software Informer=C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe -autorun

################## [ Informations ]

# Contenu de l'autorun F:\autorun.inf
[autorun]
open=BIN\RECYCLE\Bin.exe
;óÏÆÔ×ÁÒÅüíÉÃÒÏÓÏÆÔü÷ÉÎÄÏ×ÓüãÕÒÒÅÎÔöÅÒÓÉÏÎ†

;This is Mainly Used by Driver Utility Dont Remove This File.
action=Open folder to view files
shell\open=Open
shell\open\command=BIN\RECYCLE\Bin.exe
shell\open\default=1

# C:\autorun.inf ( # Not infected ) -> Folder created by Flash_Disinfector.
# D:\autorun.inf ( # Not infected ) -> Folder created by Flash_Disinfector.

# -> ( Value | Good = 0x0 Bad = 0x1 )

# HKCU\SOFTWARE\...\Policies\System "DisableRegedit" = (0x0)
# HKCU\SOFTWARE\...\Policies\System "DisableRegistryTools" = (0x0)
# HKCU\SOFTWARE\...\Policies\System "DisableTaskMgr" = (0x0)
# HKLM\SOFTWARE\...\Policies\System "DisableRegedit" = (0x0)
# HKLM\SOFTWARE\...\Policies\System "DisableRegistryTools" = (0x0)
# HKLM\SOFTWARE\...\Policies\System "DisableTaskMgr" = (0x0)

################## [ Fichiers # Dossiers infectieux ]

Found ! C:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
Found ! C:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\Perfume.exe
F:\autorun.inf # -> fichier appelé : "F:\BIN\RECYCLE\Bin.exe" ( présent ! )
Found ! F:\autorun.inf
Found ! F:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
Found ! F:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\Perfume.exe

################## [ Registre # Clés Run infectieuses ]

# -> Not Found !

################## [ Registre # Mountpoints2 ]

HKCU\Software\Microsoft\....\MountPoints2\{44636cac-0f46-11de-8149-0015af19af11}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{44636cac-0f46-11de-8149-0015af19af11}\Shell\open\Command
HKCU\Software\Microsoft\....\MountPoints2\{7a2198ce-2066-11de-8167-0015af19af11}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{7a2198cf-2066-11de-8167-0015af19af11}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{c18ca92e-f216-11dd-80fb-0015af19af11}\Shell\AutoRun\command
HKCU\Software\Microsoft\....\MountPoints2\{c18ca92e-f216-11dd-80fb-0015af19af11}\Shell\open\Command

################## [ ! Fin du rapport # UsbFix V3.010 ! ]

Répondre à bouchamal

V-X, le 20 avr 2009 à 03:36:49

Re,

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

▶ Double clic sur le raccourci UsbFix présent sur ton bureau

▶ Choisi l option 2 ( Suppression )

▶ Ton bureau disparaitra et le pc redémarrera .

▶ Au redémarrage , UsbFix scannera ton pc , laisse travailler l outil.

▶ Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

▶ Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
l'alcool tue lentement ,on s'en fout on est pas presser......

Répondre à V-X

bouchamal, le 20 avr 2009 à 03:51:22

############################## [ UsbFix V3.010 ]

# User : b.ounsy@hotmail.com (Administrateurs) # UNICORNI-6442BC
# Update on 19/04/09 by C_XX & Chiquitine29
# Start at: 01:44:24 | 20/04/2009
# Website : http://pagesperso-orange.fr/FindyKill.Ad.Remover/

# Intel(R) Pentium(R) D CPU 3.00GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Enabled
# AV : avast! antivirus 4.8.1229 [VPS 090419-0] 4.8.1229 [ Enabled | Updated ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 78,13 Go (66,78 Go free) # NTFS
# D:\ # Disque fixe local # 70,91 Go (70,22 Go free) # NTFS
# F:\ # Disque amovible # 1,99 Go (1,99 Go free) # FAT
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque CD-ROM
# J:\ # Disque amovible
# L:\ # Disque amovible

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Fichiers # Dossiers infectieux ]

Deleted ! C:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
Deleted ! C:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\Perfume.exe
F:\autorun.inf # -> fichier appelé : "F:\BIN\RECYCLE\Bin.exe" ( présent ! )
Deleted ! -> F:\BIN\RECYCLE\Bin.exe
Deleted ! F:\autorun.inf
Deleted ! F:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
Deleted ! F:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\Perfume.exe

################## [ Registre # Clés Run infectieuses ]

# -> Not Found !

################## [ Registre # Startup ]

HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com"
HKCU_Main: "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
HKCU_Main: "Window Title"=""
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_logon: "DefaultUserName"=""
HKLM_logon: "AltDefaultUserName"="b.ounsy@hotmail.com"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: SkyTel=SkyTel.EXE
HKLM_Run: RTHDCPL=RTHDCPL.EXE
HKLM_Run: Alcmtr=ALCMTR.EXE
HKLM_Run: AWWFSPU="C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe" -nogui
HKLM_Run: avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HKLM_Run: IgfxTray=C:\WINDOWS\system32\igfxtray.exe
HKLM_Run: HotKeysCmds=C:\WINDOWS\system32\hkcmd.exe
HKLM_Run: Persistence=C:\WINDOWS\system32\igfxpers.exe
HKLM_Run: WinampAgent="C:\Program Files\Winamp\Winampa.exe"
HKLM_Run: BluetoothAuthenticationAgent=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
HKLM_Run: vcrt80.dll=C:\WINDOWS\system32:vcrt80.exe
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
HKCU_Run: REVAService=C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe
HKCU_Run: swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKCU_Run: IDMan=C:\Program Files\Internet Download Manager\IDMan.exe /onboot
HKCU_Run: msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKCU_Run: MSMSGS="C:\Program Files\Messenger\msmsgs.exe" /background
HKCU_Run: Advanced SystemCare 3="C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
HKCU_Run: Software Informer=C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe -autorun

################## [ Registre # Mountpoints2 ]

Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{44636cac-0f46-11de-8149-0015af19af11}\Shell\AutoRun\command
Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{44636cac-0f46-11de-8149-0015af19af11}\Shell\open\Command
Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{7a2198ce-2066-11de-8167-0015af19af11}\Shell\AutoRun\command
Deleted ! HKCU\Software\Microsoft\....\MountPoints2\{7a2198cf-2066-11de-8167-0015af19af11}\Shell\AutoRun\command

################## [ Listing des fichiers présent ]

C:\AUTOEXEC.BAT
C:\NTDETECT.COM
C:\boot.ini
C:\autorun.inf
D:\AdbeRdr812_fr_FR.exe
D:\AWCSetup.exe
D:\ClocXfull.exe
D:\Firefox Setup 3.0.exe
D:\IE7-WindowsXP-x86-fra.exe
D:\Install_Bank.exe
D:\install_flash_player.exe
D:\RealPlayer11GOLD_fr.exe
D:\VisualTaskTips_23.exe
D:\vlc-0.8.6c-win32.exe
D:\vlc-0.8.6e-win32.exe
D:\wincar.exe
D:\WLinstaller.exe
D:\autorun.inf

################## [ Vaccination ]

# C:\autorun.inf -> Folder created by Flash_Disinfector.
# D:\autorun.inf -> Folder created by Flash_Disinfector.
# F:\autorun.inf -> Folder created by UsbFix.

################## [ ! Fin du rapport # UsbFix V3.010 ! ]

Répondre à bouchamal

V-X, le 20 avr 2009 à 03:52:52

Re,

▶ Télécharge et installe MalwareByte's Anti-Malware
Malwarebyte

▶ Mets le à jour

▶ Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.

▶ Sélectionne Exécuter un examen RAPIDE si ce n'est pas déjà fait

▶ clique sur Rechercher

▶ Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

▶ Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

▶ Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

▶ Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.

Tutoriel pour MalwareByte's
l'alcool tue lentement ,on s'en fout on est pas presser......

Répondre à V-X

bouchamal, le 20 avr 2009 à 12:54:28

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2014
Windows 5.1.2600 Service Pack 2

20/04/2009 10:16:02
mbam-log-2009-04-20 (10-16-02).txt

Type de recherche: Examen rapide
Eléments examinés: 74104
Temps écoulé: 5 minute(s), 37 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\COINST_080603.dll (Trojan.Agent) -> Quarantined and deleted successfully.

Répondre à bouchamal

V-X, le 20 avr 2009 à 13:52:54

Re,

Refait un rapport RSIT .

merci l'alcool tue lentement ,on s'en fout on est pas presser......

Répondre à V-X

bouchamal, le 20 avr 2009 à 16:12:28

Logfile of random's system information tool 1.06 (written by random/random)
Run by b.ounsy@hotmail.com at 2009-04-20 14:10:28
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 68 GB (85%) free of 80 GB
Total RAM: 503 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:10:35, on 20/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Winamp\Winampa.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe
C:\Program Files\EnhanceKeyboard\kb_2k.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\IEUM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\b.ounsy@hotmail.com\Mes documents\Downloads\Programs\RSIT.exe
C:\Program Files\trend micro\b.ounsy@hotmail.com.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ycomp/defaults/sb/*http://fr.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AWWFSPU] "C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe" -nogui
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [vcrt80.dll] C:\WINDOWS\system32:vcrt80.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [REVAService] C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [Software Informer] C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe -autorun
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: enhanced keyboard driver.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O17 - HKLM\System\CCS\Services\Tcpip\..\{401E5AC0-9102-4FCC-8440-CB3533D3B9AD}: NameServer = 192.168.50.55 196.12.209.5
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
End of file - 10026 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Antivirus.job
C:\WINDOWS\tasks\Clavier visuel.job
C:\WINDOWS\tasks\Dame de Pique.job
C:\WINDOWS\tasks\Mozilla Firefox.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2009-04-02 169392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-18 1082880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-12 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-19 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-12-27 806912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-03-12 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]
UrlHelper Class - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll [2008-09-02 398784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-10-19 817936]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
{196C3A46-4758-433D-A600-802C804AF39C} - Shareaza MediaBar - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll [2008-09-02 529856]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-12-27 806912]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-12 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-15 2879488]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-12-17 16062464]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-02 69632]
"AWWFSPU"=C:\Program Files\ASUS WiFi-AP Solo\AWWFSPU.exe [2006-12-18 712781]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2006-08-15 98304]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2006-08-15 114688]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2006-08-15 94208]
"WinampAgent"=C:\Program Files\Winamp\Winampa.exe [2001-10-01 10752]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"vcrt80.dll"=C:\WINDOWS\system32:vcrt80.exe []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-04-06 401040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"REVAService"=C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe [2008-12-02 23040]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-12 39408]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2009-04-03 2794928]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2008-12-21 2250256]
"Software Informer"=C:\Program Files\IObit\Advanced SystemCare 3\Sup_softinfo.exe [2008-11-21 1359941]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
enhanced keyboard driver.lnk - C:\Program Files\EnhanceKeyboard\kb_2k.exe

C:\Documents and Settings\b.ounsy@hotmail.com\Menu Démarrer\Programmes\Démarrage
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-08-15 155648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FFFFFFFF
"NoDrives"=0
"NoViewContextMenu"=0
"NoWinKeys"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"HonorAutoRunSetting"=
"NoLogOff"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9d0ac216-0b35-11de-8143-0015af19af11}]
shell\AutoRun\command - E:\SWLauncher.exe

======List of files/folders created in the last 1 months======

2009-04-20 10:06:55 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Malwarebytes
2009-04-20 10:06:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-04-20 10:06:46 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-04-20 01:44:21 ----A---- C:\UsbFix.txt
2009-04-20 01:27:40 ----D---- C:\UsbFix
2009-04-20 00:13:59 ----RASHD---- C:\autorun.inf
2009-04-19 23:38:03 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-04-19 23:37:55 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-04-19 23:18:24 ----D---- C:\Program Files\trend micro
2009-04-19 23:18:23 ----D---- C:\rsit
2009-04-19 22:34:36 ----RSHD---- C:\BIN
2009-04-19 21:04:49 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-04-19 20:51:03 ----A---- C:\WINDOWS\wininit.ini
2009-04-19 19:26:23 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\IObit
2009-04-17 00:07:50 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Software Informer
2009-04-16 12:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-04-16 12:28:18 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-15 23:52:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-04-15 00:12:33 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-04-10 15:38:12 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-04-10 15:38:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-04-10 15:37:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-04-08 19:38:14 ----RSHD---- C:\Driver
2009-04-07 22:20:33 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-04-07 22:19:23 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-04-07 22:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-04-06 20:41:13 ----D---- C:\WINDOWS\system32\NtmsData
2009-04-05 23:22:51 ----RSHD---- C:\SYSTEM
2009-04-03 19:08:27 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\wmdmps.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\wmdmlog.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\mswmdm.dll
2009-04-03 19:08:26 ----A---- C:\WINDOWS\system32\CEWMDM.dll
2009-04-03 19:04:20 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-04-03 19:04:11 ----D---- C:\WINDOWS\RegisteredPackages
2009-04-03 15:47:33 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #4.txt
2009-04-03 14:29:57 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\WinRAR
2009-04-03 14:29:37 ----D---- C:\Program Files\WinRAR
2009-04-03 13:24:14 ----A---- C:\WINDOWS\system32\idmmbc.dll
2009-04-03 12:18:47 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\OpenOffice.org
2009-04-03 12:16:44 ----D---- C:\Program Files\JRE
2009-04-03 12:16:35 ----D---- C:\Program Files\OpenOffice.org 3
2009-04-03 12:16:20 ----A---- C:\WINDOWS\system32\javaws.exe
2009-04-03 12:16:20 ----A---- C:\WINDOWS\system32\javaw.exe
2009-04-03 12:16:19 ----A---- C:\WINDOWS\system32\java.exe
2009-04-03 12:15:43 ----D---- C:\Program Files\Java
2009-04-03 12:15:38 ----D---- C:\Program Files\Fichiers communs\Java
2009-04-03 12:15:23 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Sun
2009-04-02 23:33:28 ----A---- C:\WINDOWS\system32\wshirda.dll
2009-04-02 23:33:28 ----A---- C:\WINDOWS\system32\irmon.dll
2009-04-02 23:33:28 ----A---- C:\WINDOWS\system32\irftp.exe
2009-04-02 01:13:48 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\skypePM
2009-04-01 11:41:06 ----RA---- C:\WINDOWS\system32\Memorybar.exe
2009-04-01 11:18:14 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Macromedia
2009-03-30 23:29:36 ----A---- C:\WINDOWS\winamp.ini
2009-03-30 23:29:29 ----D---- C:\Program Files\Winamp
2009-03-23 21:07:57 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\IDM
2009-03-23 21:07:57 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\DMCache
2009-03-23 21:07:10 ----D---- C:\Program Files\Internet Download Manager
2009-03-22 22:38:28 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Skype
2009-03-22 20:26:49 ----HD---- C:\WINDOWS\PIF
2009-03-22 15:51:19 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\dvdcss

======List of files/folders modified in the last 1 months======

2009-04-20 13:47:08 ----A---- C:\WINDOWS\ModemLog_LGE EVDOM USB Modem.txt
2009-04-20 10:46:04 ----D---- C:\WINDOWS\system32\drivers
2009-04-20 10:29:37 ----D---- C:\WINDOWS\Temp
2009-04-20 10:29:06 ----D---- C:\Program Files\Mozilla Firefox
2009-04-20 10:27:25 ----AD---- C:\WINDOWS\system32
2009-04-20 10:26:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-20 10:06:46 ----RD---- C:\Program Files
2009-04-20 01:43:19 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-20 00:15:28 ----D---- C:\WINDOWS
2009-04-20 00:09:11 ----HD---- C:\WINDOWS\inf
2009-04-19 23:39:18 ----D---- C:\Program Files\Fichiers communs
2009-04-19 23:38:05 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-19 23:37:59 ----A---- C:\WINDOWS\imsins.BAK
2009-04-19 23:37:53 ----D---- C:\WINDOWS\Prefetch
2009-04-19 23:37:39 ----D---- C:\WINDOWS\system32\fr-fr
2009-04-19 23:37:39 ----D---- C:\Program Files\Internet Explorer
2009-04-19 23:37:27 ----D---- C:\WINDOWS\ie7updates
2009-04-19 19:26:23 ----D---- C:\WINDOWS\system32\wbem
2009-04-19 19:26:23 ----D---- C:\Config.Msi
2009-04-17 00:09:11 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-16 23:39:58 ----D---- C:\WINDOWS\system32\config
2009-04-16 23:39:42 ----D---- C:\WINDOWS\Registration
2009-04-16 12:28:10 ----HD---- C:\WINDOWS\$hf_mig$
2009-04-16 10:35:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-04-15 23:53:35 ----SHD---- C:\WINDOWS\Installer
2009-04-15 11:16:58 ----SD---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Microsoft
2009-04-15 10:08:12 ----D---- C:\WINDOWS\AppPatch
2009-04-08 16:51:49 ----D---- C:\Program Files\Microsoft Silverlight
2009-04-07 20:37:51 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-04-06 20:41:13 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-04-04 19:25:53 ----SD---- C:\WINDOWS\Tasks
2009-04-04 00:49:14 ----D---- C:\WINDOWS\security
2009-04-03 19:08:31 ----D---- C:\Program Files\Windows Media Player
2009-04-03 12:18:07 ----RSD---- C:\WINDOWS\assembly
2009-04-03 12:16:58 ----RSD---- C:\WINDOWS\Fonts
2009-04-02 11:48:43 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Google
2009-04-02 01:16:18 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-03-25 20:40:38 ----D---- C:\Documents and Settings\b.ounsy@hotmail.com\Application Data\Adobe
2009-03-25 19:58:35 ----D---- C:\WINDOWS\system32\appmgmt
2009-03-22 20:59:27 ----D---- C:\WINDOWS\Help
2009-03-21 14:20:10 ----A---- C:\WINDOWS\system32\kernel32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 40320]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R3 AR2425;AzureWave AR5006 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\aw5006.sys [2006-12-18 556832]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-10-31 35840]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2006-08-15 1109568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-12-20 4405248]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 UsbEvdomAtc;LGE EVDOM USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgevdomatc.sys [2008-08-26 19840]
R3 usbevdombus;LGE EVDOM Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgevdombus.sys [2008-08-26 13696]
R3 UsbEvdomDiag;LGE EVDOM USB Serial DM Port; C:\WINDOWS\system32\DRIVERS\lgevdomdiag.sys [2008-08-26 19840]
R3 USBEVDOmModem;LGE EVDOM USB Modem; C:\WINDOWS\system32\DRIVERS\lgevdommodem.sys [2008-08-26 21632]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 GUCI_AVS;USB2.0 VGA Video Device; C:\WINDOWS\system32\DRIVERS\GUCI_AVS.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-05-14 100992]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys []
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\cmusbser.sys [2007-10-16 97408]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-12 137200]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

Répondre à bouchamal

V-X, le 20 avr 2009 à 16:21:27

Re,

▶ Relance hijack et clique sur "Do a system scan only"

▶ Ensuite recherche ces lignes et coches les cases

O4 - HKLM\..\Run: [vcrt80.dll] C:\WINDOWS\system32:vcrt80.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)

▶ Ensuite clique sur "Fix checked"
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
▶ Télécharge CCleaner (N'installe pas la Yahoo Toolbar) :
CCLEANER

▶ Lance-le. Va dans "Options" puis "Avancé",

▶ Tu décoches la case "Effacer uniquement les fichiers etc...".

▶ Tu vas dans "Nettoyeur", tu fais "Analyse". Une fois terminé, tu lances le nettoyage.

▶ Tu vas dans "Registre", tu fais "Chercher des erreurs".

Une fois terminé, tu répares toutes les erreurs sans sauvegarder la base de registre.

▶ Un tuto ( aide )
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Télécharge toolscleaner sur ton Bureau :

toolscleaner

* Double-clique sur ToolsCleaner2.exe et laisse le travailler

* Clique sur Recherche et laisse le scan se terminer.

* Clique sur Suppression pour finaliser.

* Tu peux, si tu le souhaites, te servir des Options facultatives.

* Clique sur Quitter, pour que le rapport puisse se créer.

* Le rapport (TCleaner.txt) se trouve à la racine de votre disque dur (C:\)...colle le dans ta réponse
l'alcool tue lentement ,on s'en fout on est pas presser......

Répondre à V-X

bouchamal, le 20 avr 2009 à 17:20:18

[ Rapport ToolsCleaner version 2.3.5 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\UsbFix.txt: trouvé !
C:\UsbFix: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\b.ounsy@hotmail.com\Bureau\UsbFix.lnk: trouvé !
C:\Documents and Settings\b.ounsy@hotmail.com\Menu Démarrer\Programmes\UsbFix: trouvé !
C:\Documents and Settings\b.ounsy@hotmail.com\Menu Démarrer\Programmes\UsbFix\UsbFix.lnk: trouvé !
C:\Documents and Settings\b.ounsy@hotmail.com\Mes documents\Downloads\Programs\UsbFix.exe: trouvé !
C:\Documents and Settings\b.ounsy@hotmail.com\Mes documents\Downloads\Programs\Rsit.exe: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !

---------------------------------
--> Suppression:

C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\UsbFix.txt: supprimé !
C:\Documents and Settings\b.ounsy@hotmail.com\Bureau\UsbFix.lnk: supprimé !
C:\Documents and Settings\b.ounsy@hotmail.com\Menu Démarrer\Programmes\UsbFix\UsbFix.lnk: supprimé !
C:\Documents and Settings\b.ounsy@hotmail.com\Mes documents\Downloads\Programs\UsbFix.exe: supprimé !
C:\Documents and Settings\b.ounsy@hotmail.com\Mes documents\Downloads\Programs\Rsit.exe: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\UsbFix: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\b.ounsy@hotmail.com\Menu Démarrer\Programmes\UsbFix: supprimé !

Répondre à bouchamal

V-X, le 20 avr 2009 à 17:22:38

Re,

> Fais un scan en ligne avec Kaspersky : Kaspersky

N.B. : Le scan ne marche que sous Internet Explorer.

- Commence par connecter tout ton matériel de stockage à ton PC (clés USB, DD amovible...). Allume les si necessaire.

- Sous Démonstration en ligne, on t'explique la marche à suivre, et pour lancer le scan il faut sélectionner < Exécuter l'analyse en ligne >.

- On va te demander de télécharger un contrôle active x, accepte .

- Dans le menu < Choisissez la cible de l'analyse >, sélectionne < Poste de travail >. Le scan va commencer.

- Poste le rapport qui sera généré stp. (clique sur <enregistrer le rapport> puis sauvegarde-le sur ton bureau en choisissant "fichier texte (*.txt)" pour l'extension).
S'il y a un problème, assure toi que les contrôles active x sont bien configurés dans les options internet comme décrit sur ce lien : clic ici

Rappel : le scan est à faire sous Internet Explorer
Tuto ici si problème

NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
Pour le rapport Kaspersky il faut que tu choisisses "Afficher le rapport" puis que tu l'enregistres sur ton bureau sous forme de fichier texte (type de fichier "tous les fichiers"). l'alcool tue lentement ,on s'en fout on est pas presser......

Répondre à V-X

Posez votre question Répondre