fenêtre au démarrage

bonjour, depuis peu j'ai une fenêtre qui se met au démarrage (une fenêtre noire avec des lignes écrites dedans) et au-dessus j'ai pu apercevoir que dedans il y avait marqué win32. Je serais pas étonné d'avoir un trojan. Y-aurait-il une bonne âme pour m'aider, comme chaque fois sur ce forum? merci

Salut à toi et bienvenue,

Afin de nous éclairer sur la nature précise de tes soucis "infectieux", ( ou pas ? )
dans un premier temps fais cette procédure et poste le rapport généré par Random's system information tool (RSIT) par
random/random
Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

- Double-clique sur RSIT.exe afin de lancer RSIT.
- Clique Continue à l'écran Disclaimer.
- Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.

- Poste le contenu de log.txt (<<qui sera affiché)
ainsi que info.txt (<<qui sera réduit dans la Barre des Tâches).

// ! Important !
=======================

Ps:
======
Conseil d'ordre général
---->> Aller sur le Net avec Windows Internet Explorer, n'est pas souhaitable.
Pour vous en convaincre, un petit test de votre navigateur

Comparez-donc Windows Internet Explorer avec Mozilla-Firefox (ce dernier devrait atteindre les 92 )
Quand à Windows Internet Explorer, j'en laisse la surprise...

Toutefois, ce qui ne veut pas dire que Windows Internet Explorer, ne doit pas être à jour ! (vérifier que vous avez la dernière version ! )

Télécharger Mozilla-Firefox 3.0. X. (le X représente évidemment la dernière version ) et le mettre à l'install comme Navigateur par défaut.

lien ici

-->source ici de conseils
Eviter à tous prix de poster dans plusieurs Forum à la fois...pas de multi-postage donc !



Poster les 2 rapports demandés (log.txt et info.txt)
En cas de fichier trop gros, suffit de le diviser sur deux réponses, ou plus.....




PS:
si tu ne peux pas télécharger en direct avec la machine infectée, il est évident qu'il faut faire usage, d'une carte SD ou clé usb via un autre PC.

voilà déjà le log.txt

Logfile of random's system information tool 1.08 (written by random/random)
Run by jf at 2011-06-30 09:16:15
Microsoft Windows 7 Édition Familiale Premium Service Pack 1
System drive C: has 76 GB (27%) free of 281 GB
Total RAM: 3894 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:16:29, on 30/06/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe
C:\Program Files (x86)\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpressServer.exe
c:\PROGRA~2\CYBERL~1\SHARED~1\RICHVI~1.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\jf\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\jf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Messenger Plus Live Belgium Toolbar - {d1a1c8f1-e3d9-48df-802f-20201061ef61} - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: HP SimplePass Identity Protection Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Messenger Plus Live Belgium Toolbar - {d1a1c8f1-e3d9-48df-802f-20201061ef61} - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Messenger Plus Live Belgium Toolbar - {d1a1c8f1-e3d9-48df-802f-20201061ef61} - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Java] C:\Windows\system32\temp\windows.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [windows] C:\Windows\system32\temp\windows.exe
O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\Windows\system32\temp\windows.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\Windows\system32\temp\windows.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Envoyer à Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Envoyer au périphérique &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FSPro Filter Service (fsproflt) - FSPro Labs - C:\Windows\SysWOW64\fsproflt.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\x64\maconfservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 28202 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForcathy.job
C:\Windows\tasks\HPCeeScheduleForJF-PC$.job
C:\Windows\tasks\HPCeeScheduleForjf.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP SimplePass Identity Protection Extension - C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll [2009-12-30 1262856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d1a1c8f1-e3d9-48df-802f-20201061ef61}]
Messenger Plus Live Belgium Toolbar - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll [2010-09-09 2735200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{d1a1c8f1-e3d9-48df-802f-20201061ef61} - Messenger Plus Live Belgium Toolbar - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll [2010-09-09 2735200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2010-01-25 61112]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"beid"=C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe [2011-02-03 2068480]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-30 98304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"Java"=C:\Windows\system32\temp\windows.exe [2010-11-05 1169224]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\Windows\system32\temp\windows.exe [2010-11-05 1169224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2010-11-10 4240760]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-01-22 2363392]
"HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-01-27 1712184]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2010-11-17 1242448]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"windows"=C:\Windows\system32\temp\windows.exe [2010-11-05 1169224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\Windows\system32\temp\windows.exe [2010-11-05 1169224]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayL oad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHoo ks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-03-03 52920]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-06-29 08:46:58 ----A---- C:\Windows\SysWOW64\drvinst.exe
2011-06-29 08:46:58 ----A---- C:\Windows\SysWOW64\devrtl.dll
2011-06-29 08:46:58 ----A---- C:\Windows\SysWOW64\devobj.dll
2011-06-29 08:46:58 ----A---- C:\Windows\SysWOW64\cfgmgr32.dll
2011-06-29 08:46:55 ----A---- C:\Windows\SysWOW64\mssrch.dll
2011-06-29 08:46:54 ----A---- C:\Windows\SysWOW64\tquery.dll
2011-06-29 08:46:53 ----A---- C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-06-29 08:46:53 ----A---- C:\Windows\SysWOW64\SearchIndexer.exe
2011-06-29 08:46:53 ----A---- C:\Windows\SysWOW64\mssph.dll
2011-06-29 08:46:52 ----A---- C:\Windows\SysWOW64\SearchFilterHost.exe
2011-06-29 08:46:52 ----A---- C:\Windows\SysWOW64\mssvp.dll
2011-06-29 08:46:52 ----A---- C:\Windows\SysWOW64\mssphtb.dll
2011-06-29 08:46:51 ----A---- C:\Windows\SysWOW64\msscntrs.dll
2011-06-28 11:24:58 ----A---- C:\Ad-Report-CLEAN[7].txt
2011-06-28 11:23:52 ----A---- C:\Ad-Report-SCAN[7].txt
2011-06-23 09:51:35 ----D---- C:\Program Files (x86)\AMD
2011-06-23 09:44:25 ----D---- C:\Program Files (x86)\Duke Nukem Forever
2011-06-23 09:05:59 ----RSHD---- C:\Windows\SysWOW64\temp
2011-06-22 22:50:14 ----D---- C:\Program Files (x86)\JDownloader
2011-06-22 22:38:34 ----A---- C:\Windows\libem.INI
2011-06-22 22:38:25 ----D---- C:\Users\jf\AppData\Roaming\FlashGet
2011-06-22 22:38:25 ----D---- C:\Users\jf\AppData\Roaming\BITS
2011-06-22 22:38:22 ----D---- C:\Users\jf\AppData\Roaming\FlashGetBHO
2011-06-22 22:38:19 ----D---- C:\Program Files (x86)\FlashGet Network
2011-06-21 09:35:30 ----D---- C:\Acer
2011-06-15 10:38:36 ----A---- C:\Windows\SysWOW64\iertutil.dll
2011-06-15 10:38:29 ----A---- C:\Windows\SysWOW64\mshtml.dll
2011-06-15 10:38:28 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2011-06-15 10:38:27 ----A---- C:\Windows\SysWOW64\ieframe.dll
2011-06-15 10:38:23 ----A---- C:\Windows\SysWOW64\urlmon.dll
2011-06-15 10:38:22 ----A---- C:\Windows\SysWOW64\wininet.dll
2011-06-15 10:38:21 ----A---- C:\Windows\SysWOW64\ieui.dll
2011-06-15 10:38:20 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2011-06-15 10:37:56 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2011-06-15 10:37:52 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2011-06-15 02:56:15 ----RA---- C:\Windows\SysWOW64\tmpC93.tmp
2011-06-15 00:56:41 ----SHD---- C:\Windows\SysWOW64\drivers\Winfog
2011-06-15 00:56:35 ----D---- C:\Program Files (x86)\Winfog
2011-06-14 15:32:00 ----SHD---- C:\ProgramData\DSS
2011-06-14 15:32:00 ----D---- C:\ProgramData\Codemasters
2011-06-14 15:15:43 ----D---- C:\Windows\SysWOW64\xlive
2011-06-14 15:14:46 ----A---- C:\Windows\SysWOW64\mkl_blueripple.dll
2011-06-14 15:14:45 ----A---- C:\Windows\SysWOW64\rapture3d_oal.dll
2011-06-14 15:14:43 ----D---- C:\Program Files (x86)\BRS
2011-06-14 15:14:42 ----RA---- C:\Windows\SysWOW64\tmpC53A.tmp
2011-06-14 15:14:42 ----D---- C:\Program Files (x86)\OpenAL
2011-06-14 15:14:42 ----A---- C:\Windows\SysWOW64\wrap_oal.dll
2011-06-14 15:14:42 ----A---- C:\Windows\SysWOW64\OpenAL32.dll
2011-06-14 15:14:25 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2011-06-14 15:14:25 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2011-06-14 15:14:24 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2011-06-14 15:14:24 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2011-06-14 15:14:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2011-06-14 15:14:23 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2011-06-14 15:14:23 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2011-06-14 15:14:23 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2011-06-14 15:04:12 ----D---- C:\Program Files (x86)\Codemasters
2011-06-14 11:46:19 ----D---- C:\Program Files (x86)\Tomb Raider - Legend
2011-06-07 09:56:32 ----A---- C:\Windows\SysWOW64\dfshim.dll
2011-06-07 09:56:22 ----A---- C:\Windows\SysWOW64\mstscax.dll
2011-06-07 09:56:17 ----A---- C:\Windows\SysWOW64\d3d10warp.dll
2011-06-07 09:56:16 ----A---- C:\Windows\SysWOW64\mfc40u.dll
2011-06-07 09:56:16 ----A---- C:\Windows\SysWOW64\mfc40.dll
2011-06-07 09:56:06 ----A---- C:\Windows\SysWOW64\secproc_isv.dll
2011-06-07 09:56:05 ----A---- C:\Windows\SysWOW64\shell32.dll
2011-06-07 09:56:04 ----A---- C:\Windows\SysWOW64\secproc.dll
2011-06-07 09:56:04 ----A---- C:\Windows\SysWOW64\RMActivate_isv.exe
2011-06-07 09:56:02 ----A---- C:\Windows\SysWOW64\RMActivate.exe
2011-06-07 09:55:59 ----A---- C:\Windows\SysWOW64\mscoree.dll
2011-06-07 09:55:56 ----A---- C:\Windows\SysWOW64\mf.dll
2011-06-07 09:55:54 ----A---- C:\Windows\SysWOW64\CertEnroll.dll
2011-06-07 09:55:51 ----A---- C:\Windows\SysWOW64\wmp.dll
2011-06-07 09:55:48 ----A---- C:\Windows\SysWOW64\PresentationHostProxy.dll
2011-06-07 09:55:48 ----A---- C:\Windows\SysWOW64\PresentationHost.exe
2011-06-07 09:55:42 ----A---- C:\Windows\SysWOW64\RacEngn.dll
2011-06-07 09:55:40 ----A---- C:\Windows\SysWOW64\AuthFWSnapin.dll
2011-06-07 09:55:34 ----A---- C:\Windows\SysWOW64\ExplorerFrame.dll
2011-06-07 09:55:33 ----A---- C:\Windows\SysWOW64\ole32.dll
2011-06-07 09:55:28 ----A---- C:\Windows\SysWOW64\vssapi.dll
2011-06-07 09:55:28 ----A---- C:\Windows\SysWOW64\SearchFolder.dll
2011-06-07 09:55:27 ----A---- C:\Windows\SysWOW64\d3d9.dll
2011-06-07 09:55:26 ----A---- C:\Windows\SysWOW64\taskschd.dll
2011-06-07 09:55:24 ----A---- C:\Windows\SysWOW64\crypt32.dll
2011-06-07 09:55:23 ----A---- C:\Windows\SysWOW64\mstsc.exe
2011-06-07 09:55:21 ----A---- C:\Windows\SysWOW64\wer.dll
2011-06-07 09:55:21 ----A---- C:\Windows\SysWOW64\ntdll.dll
2011-06-07 09:55:20 ----A---- C:\Windows\SysWOW64\certcli.dll
2011-06-07 09:55:19 ----A---- C:\Windows\SysWOW64\msxml6.dll
2011-06-07 09:55:18 ----A---- C:\Windows\SysWOW64\odbc32.dll
2011-06-07 09:55:18 ----A---- C:\Windows\SysWOW64\dwmcore.dll
2011-06-07 09:55:17 ----A---- C:\Windows\SysWOW64\tcpmonui.dll
2011-06-07 09:55:16 ----A---- C:\Windows\SysWOW64\mstime.dll
2011-06-07 09:55:15 ----A---- C:\Windows\SysWOW64\TSWorkspace.dll
2011-06-07 09:55:15 ----A---- C:\Windows\SysWOW64\quartz.dll
2011-06-07 09:55:14 ----A---- C:\Windows\SysWOW64\tsmf.dll
2011-06-07 09:55:14 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2011-06-07 09:55:14 ----A---- C:\Windows\SysWOW64\dot3api.dll
2011-06-07 09:55:13 ----A---- C:\Windows\SysWOW64\winhttp.dll
2011-06-07 09:55:12 ----A---- C:\Windows\SysWOW64\setupapi.dll
2011-06-07 09:55:12 ----A---- C:\Windows\SysWOW64\MSVidCtl.dll
2011-06-07 09:55:12 ----A---- C:\Windows\SysWOW64\apphelp.dll
2011-06-07 09:55:11 ----A---- C:\Windows\SysWOW64\dbgeng.dll
2011-06-07 09:55:10 ----A---- C:\Windows\SysWOW64\netlogon.dll
2011-06-07 09:55:10 ----A---- C:\Windows\SysWOW64\d3d11.dll
2011-06-07 09:55:09 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll
2011-06-07 09:55:09 ----A---- C:\Windows\SysWOW64\netcfgx.dll
2011-06-07 09:55:08 ----A---- C:\Windows\SysWOW64\WMVDECOD.DLL
2011-06-07 09:55:08 ----A---- C:\Windows\SysWOW64\webio.dll
2011-06-07 09:55:07 ----A---- C:\Windows\SysWOW64\Query.dll
2011-06-07 09:55:06 ----A---- C:\Windows\SysWOW64\WsmSvc.dll
2011-06-07 09:55:06 ----A---- C:\Windows\SysWOW64\upnp.dll
2011-06-07 09:55:06 ----A---- C:\Windows\SysWOW64\advapi32.dll
2011-06-07 09:55:05 ----A---- C:\Windows\SysWOW64\schannel.dll
2011-06-07 09:55:05 ----A---- C:\Windows\SysWOW64\DShowRdpFilter.dll
2011-06-07 09:55:04 ----A---- C:\Windows\SysWOW64\netfxperf.dll
2011-06-07 09:55:04 ----A---- C:\Windows\SysWOW64\msv1_0.dll
2011-06-07 09:55:04 ----A---- C:\Windows\SysWOW64\mmcndmgr.dll
2011-06-07 09:55:03 ----A---- C:\Windows\SysWOW64\msdrm.dll
2011-06-07 09:55:03 ----A---- C:\Windows\SysWOW64\imapi2fs.dll
2011-06-07 09:55:02 ----A---- C:\Windows\SysWOW64\SessEnv.dll
2011-06-07 09:55:02 ----A---- C:\Windows\SysWOW64\authui.dll
2011-06-07 09:55:01 ----A---- C:\Windows\SysWOW64\shlwapi.dll
2011-06-07 09:55:01 ----A---- C:\Windows\SysWOW64\PortableDeviceApi.dll
2011-06-07 09:55:00 ----A---- C:\Windows\SysWOW64\usp10.dll
2011-06-07 09:55:00 ----A---- C:\Windows\SysWOW64\mcbuilder.exe
2011-06-07 09:54:58 ----A---- C:\Windows\SysWOW64\userenv.dll
2011-06-07 09:54:58 ----A---- C:\Windows\SysWOW64\kernel32.dll
2011-06-07 09:54:58 ----A---- C:\Windows\SysWOW64\certmgr.dll
2011-06-07 09:54:57 ----A---- C:\Windows\SysWOW64\xpsservices.dll
2011-06-07 09:54:57 ----A---- C:\Windows\SysWOW64\WebClnt.dll
2011-06-07 09:54:56 ----A---- C:\Windows\SysWOW64\comdlg32.dll
2011-06-07 09:54:54 ----A---- C:\Windows\SysWOW64\cmd.exe
2011-06-07 09:54:52 ----A---- C:\Windows\SysWOW64\win32spl.dll
2011-06-07 09:54:52 ----A---- C:\Windows\SysWOW64\framedynos.dll
2011-06-07 09:54:51 ----A---- C:\Windows\SysWOW64\Wldap32.dll
2011-06-07 09:54:51 ----A---- C:\Windows\SysWOW64\propsys.dll
2011-06-07 09:54:51 ----A---- C:\Windows\SysWOW64\mfds.dll
2011-06-07 09:54:50 ----A---- C:\Windows\SysWOW64\user32.dll
2011-06-07 09:54:49 ----A---- C:\Windows\SysWOW64\ncsi.dll
2011-06-07 09:54:49 ----A---- C:\Windows\SysWOW64\azroles.dll
2011-06-07 09:54:45 ----A---- C:\Windows\SysWOW64\themeui.dll
2011-06-07 09:54:44 ----A---- C:\Windows\SysWOW64\taskeng.exe
2011-06-07 09:54:44 ----A---- C:\Windows\SysWOW64\spp.dll
2011-06-07 09:54:44 ----A---- C:\Windows\SysWOW64\credui.dll
2011-06-07 09:54:44 ----A---- C:\Windows\splwow64.exe
2011-06-07 09:54:43 ----A---- C:\Windows\SysWOW64\mswsock.dll
2011-06-07 09:54:43 ----A---- C:\Windows\SysWOW64\dhcpcore.dll
2011-06-07 09:54:42 ----A---- C:\Windows\SysWOW64\wintrust.dll
2011-06-07 09:54:42 ----A---- C:\Windows\SysWOW64\mfreadwrite.dll
2011-06-07 09:54:42 ----A---- C:\Windows\SysWOW64\basecsp.dll
2011-06-07 09:54:41 ----A---- C:\Windows\SysWOW64\msxml3.dll
2011-06-07 09:54:41 ----A---- C:\Windows\SysWOW64\dxgi.dll
2011-06-07 09:54:40 ----A---- C:\Windows\SysWOW64\NaturalLanguage6.dll
2011-06-07 09:54:40 ----A---- C:\Windows\SysWOW64\dbghelp.dll
2011-06-07 09:54:39 ----A---- C:\Windows\SysWOW64\taskcomp.dll
2011-06-07 09:54:39 ----A---- C:\Windows\SysWOW64\evr.dll
2011-06-07 09:54:38 ----A---- C:\Windows\SysWOW64\WinSATAPI.dll
2011-06-07 09:54:38 ----A---- C:\Windows\SysWOW64\calc.exe
2011-06-07 09:54:36 ----A---- C:\Windows\SysWOW64\sqlsrv32.dll
2011-06-07 09:54:35 ----A---- C:\Windows\SysWOW64\UIRibbon.dll
2011-06-07 09:54:34 ----A---- C:\Windows\SysWOW64\sxs.dll
2011-06-07 09:54:34 ----A---- C:\Windows\SysWOW64\netshell.dll
2011-06-07 09:54:34 ----A---- C:\Windows\SysWOW64\ie4uinit.exe
2011-06-07 09:54:34 ----A---- C:\Windows\SysWOW64\cryptsvc.dll
2011-06-07 09:54:33 ----A---- C:\Windows\SysWOW64\ws2_32.dll
2011-06-07 09:54:33 ----A---- C:\Windows\SysWOW64\stobject.dll
2011-06-07 09:54:32 ----A---- C:\Windows\SysWOW64\gdi32.dll
2011-06-07 09:54:31 ----A---- C:\Windows\SysWOW64\prncache.dll
2011-06-07 09:54:31 ----A---- C:\Windows\SysWOW64\comctl32.dll
2011-06-07 09:54:30 ----A---- C:\Windows\SysWOW64\wmpeffects.dll
2011-06-07 09:54:30 ----A---- C:\Windows\SysWOW64\printui.dll
2011-06-07 09:54:30 ----A---- C:\Windows\SysWOW64\msi.dll
2011-06-07 09:54:29 ----A---- C:\Windows\SysWOW64\WSDApi.dll
2011-06-07 09:54:29 ----A---- C:\Windows\SysWOW64\rpchttp.dll
2011-06-07 09:54:29 ----A---- C:\Windows\SysWOW64\net1.exe
2011-06-07 09:54:27 ----A---- C:\Windows\SysWOW64\scansetting.dll
2011-06-07 09:54:25 ----A---- C:\Windows\SysWOW64\MMDevAPI.dll
2011-06-07 09:54:25 ----A---- C:\Windows\SysWOW64\davclnt.dll
2011-06-07 09:54:24 ----A---- C:\Windows\SysWOW64\WMVCORE.DLL
2011-06-07 09:54:24 ----A---- C:\Windows\SysWOW64\wlangpui.dll
2011-06-07 09:54:24 ----A---- C:\Windows\SysWOW64\aaclient.dll
2011-06-07 09:54:23 ----A---- C:\Windows\SysWOW64\QSHVHOST.DLL
2011-06-07 09:54:22 ----A---- C:\Windows\SysWOW64\wpdshext.dll
2011-06-07 09:54:22 ----A---- C:\Windows\SysWOW64\webservices.dll
2011-06-07 09:54:22 ----A---- C:\Windows\SysWOW64\t2embed.dll
2011-06-07 09:54:22 ----A---- C:\Windows\SysWOW64\pnidui.dll
2011-06-07 09:54:21 ----A---- C:\Windows\SysWOW64\netdiagfx.dll
2011-06-07 09:54:21 ----A---- C:\Windows\SysWOW64\fde.dll
2011-06-07 09:54:20 ----A---- C:\Windows\SysWOW64\wuapi.dll
2011-06-07 09:54:20 ----A---- C:\Windows\SysWOW64\wscapi.dll
2011-06-07 09:54:20 ----A---- C:\Windows\SysWOW64\SyncCenter.dll
2011-06-07 09:54:18 ----A---- C:\Windows\SysWOW64\WinSCard.dll
2011-06-07 09:54:18 ----A---- C:\Windows\SysWOW64\pla.dll
2011-06-07 09:54:18 ----A---- C:\Windows\SysWOW64\msasn1.dll
2011-06-07 09:54:16 ----A---- C:\Windows\SysWOW64\winsta.dll
2011-06-07 09:54:16 ----A---- C:\Windows\SysWOW64\rdpcore.dll
2011-06-07 09:54:16 ----A---- C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2011-06-07 09:54:15 ----A---- C:\Windows\SysWOW64\iepeers.dll
2011-06-07 09:54:14 ----A---- C:\Windows\SysWOW64\imapi2.dll
2011-06-07 09:54:13 ----A---- C:\Windows\SysWOW64\ntshrui.dll
2011-06-07 09:54:13 ----A---- C:\Windows\SysWOW64\DXPTaskRingtone.dll
2011-06-07 09:54:12 ----A---- C:\Windows\SysWOW64\gameux.dll
2011-06-07 09:54:10 ----A---- C:\Windows\SysWOW64\WMPEncEn.dll
2011-06-07 09:54:10 ----A---- C:\Windows\SysWOW64\shsvcs.dll
2011-06-07 09:54:10 ----A---- C:\Windows\SysWOW64\onex.dll
2011-06-07 09:54:09 ----A---- C:\Windows\SysWOW64\winmm.dll
2011-06-07 09:54:09 ----A---- C:\Windows\SysWOW64\hbaapi.dll
2011-06-07 09:54:09 ----A---- C:\Windows\SysWOW64\autofmt.exe
2011-06-07 09:54:08 ----A---- C:\Windows\SysWOW64\netiohlp.dll
2011-06-07 09:54:08 ----A---- C:\Windows\SysWOW64\autochk.exe
2011-06-07 09:54:07 ----A---- C:\Windows\SysWOW64\samcli.dll
2011-06-07 09:54:07 ----A---- C:\Windows\SysWOW64\proquota.exe
2011-06-07 09:54:07 ----A---- C:\Windows\SysWOW64\IPHLPAPI.DLL
2011-06-07 09:54:06 ----A---- C:\Windows\SysWOW64\thumbcache.dll
2011-06-07 09:54:06 ----A---- C:\Windows\SysWOW64\msutb.dll
2011-06-07 09:54:06 ----A---- C:\Windows\SysWOW64\msinfo32.exe
2011-06-07 09:54:06 ----A---- C:\Windows\SysWOW64\autoconv.exe
2011-06-07 09:54:06 ----A---- C:\Windows\SysWOW64\AudioSes.dll
2011-06-07 09:54:05 ----A---- C:\Windows\SysWOW64\regapi.dll
2011-06-07 09:54:05 ----A---- C:\Windows\SysWOW64\mimefilt.dll
2011-06-07 09:54:05 ----A---- C:\Windows\SysWOW64\ipsmsnap.dll
2011-06-07 09:54:04 ----A---- C:\Windows\SysWOW64\tcpipcfg.dll
2011-06-07 09:54:04 ----A---- C:\Windows\SysWOW64\srchadmin.dll
2011-06-07 09:54:04 ----A---- C:\Windows\SysWOW64\schtasks.exe
2011-06-07 09:54:04 ----A---- C:\Windows\SysWOW64\powercpl.dll
2011-06-07 09:54:04 ----A---- C:\Windows\SysWOW64\eapphost.dll
2011-06-07 09:54:03 ----A---- C:\Windows\SysWOW64\wcncsvc.dll
2011-06-07 09:54:03 ----A---- C:\Windows\SysWOW64\msihnd.dll
2011-06-07 09:54:03 ----A---- C:\Windows\SysWOW64\framedyn.dll
2011-06-07 09:54:02 ----A---- C:\Windows\SysWOW64\QAGENT.DLL
2011-06-07 09:54:02 ----A---- C:\Windows\SysWOW64\mscorier.dll
2011-06-07 09:54:02 ----A---- C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
2011-06-07 09:54:01 ----A---- C:\Windows\SysWOW64\netid.dll
2011-06-07 09:54:01 ----A---- C:\Windows\SysWOW64\actxprxy.dll
2011-06-07 09:54:00 ----A---- C:\Windows\SysWOW64\wdc.dll
2011-06-07 09:54:00 ----A---- C:\Windows\SysWOW64\StructuredQuery.dll
2011-06-07 09:54:00 ----A---- C:\Windows\SysWOW64\scesrv.dll
2011-06-07 09:53:59 ----A---- C:\Windows\SysWOW64\untfs.dll
2011-06-07 09:53:59 ----A---- C:\Windows\SysWOW64\rastls.dll
2011-06-07 09:53:58 ----A---- C:\Windows\SysWOW64\wlanpref.dll
2011-06-07 09:53:58 ----A---- C:\Windows\SysWOW64\Vault.dll
2011-06-07 09:53:58 ----A---- C:\Windows\SysWOW64\nci.dll
2011-06-07 09:53:57 ----A---- C:\Windows\SysWOW64\WMNetMgr.dll
2011-06-07 09:53:57 ----A---- C:\Windows\SysWOW64\RpcRtRemote.dll
2011-06-07 09:53:57 ----A---- C:\Windows\SysWOW64\Robocopy.exe
2011-06-07 09:53:57 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2011-06-07 09:53:55 ----A---- C:\Windows\SysWOW64\DxpTaskSync.dll
2011-06-07 09:53:54 ----A---- C:\Windows\SysWOW64\taskmgr.exe
2011-06-07 09:53:54 ----A---- C:\Windows\SysWOW64\Display.dll
2011-06-07 09:53:53 ----A---- C:\Windows\SysWOW64\mtxclu.dll
2011-06-07 09:53:52 ----A---- C:\Windows\SysWOW64\XpsRasterService.dll
2011-06-07 09:53:52 ----A---- C:\Windows\SysWOW64\userinit.exe
2011-06-07 09:53:52 ----A---- C:\Windows\SysWOW64\puiobj.dll
2011-06-07 09:53:51 ----A---- C:\Windows\SysWOW64\termmgr.dll
2011-06-07 09:53:51 ----A---- C:\Windows\SysWOW64\eudcedit.exe
2011-06-07 09:53:49 ----A---- C:\Windows\SysWOW64\wiadefui.dll
2011-06-07 09:53:49 ----A---- C:\Windows\SysWOW64\sppcomapi.dll
2011-06-07 09:53:49 ----A---- C:\Windows\SysWOW64\shsetup.dll
2011-06-07 09:53:49 ----A---- C:\Windows\SysWOW64\rasppp.dll
2011-06-07 09:53:49 ----A---- C:\Windows\SysWOW64\logoncli.dll
2011-06-07 09:53:49 ----A---- C:\Windows\SysWOW64\cabview.dll
2011-06-07 09:53:48 ----A---- C:\Windows\SysWOW64\FirewallControlPanel.dll
2011-06-07 09:53:47 ----A---- C:\Windows\SysWOW64\SensorsCpl.dll
2011-06-07 09:53:46 ----A---- C:\Windows\SysWOW64\themecpl.dll
2011-06-07 09:53:46 ----A---- C:\Windows\SysWOW64\FWPUCLNT.DLL
2011-06-07 09:53:46 ----A---- C:\Windows\SysWOW64\dnscmmc.dll
2011-06-07 09:53:45 ----A---- C:\Windows\SysWOW64\hgcpl.dll
2011-06-07 09:53:43 ----A---- C:\Windows\SysWOW64\tapisrv.dll
2011-06-07 09:53:43 ----A---- C:\Windows\SysWOW64\scecli.dll
2011-06-07 09:53:43 ----A---- C:\Windows\SysWOW64\mscories.dll
2011-06-07 09:53:43 ----A---- C:\Windows\SysWOW64\fontext.dll
2011-06-07 09:53:42 ----A---- C:\Windows\SysWOW64\mscms.dll
2011-06-07 09:53:42 ----A---- C:\Windows\SysWOW64\mprddm.dll
2011-06-07 09:53:42 ----A---- C:\Windows\SysWOW64\localsec.dll
2011-06-07 09:53:41 ----A---- C:\Windows\SysWOW64\iasacct.dll
2011-06-07 09:53:40 ----A---- C:\Windows\SysWOW64\SndVolSSO.dll
2011-06-07 09:53:39 ----A---- C:\Windows\SysWOW64\wlanui.dll
2011-06-07 09:53:39 ----A---- C:\Windows\SysWOW64\VAN.dll
2011-06-07 09:53:39 ----A---- C:\Windows\SysWOW64\usercpl.dll
2011-06-07 09:53:39 ----A---- C:\Windows\SysWOW64\qedit.dll
2011-06-07 09:53:39 ----A---- C:\Windows\SysWOW64\PerfCenterCPL.dll
2011-06-07 09:53:38 ----A---- C:\Windows\SysWOW64\w32tm.exe
2011-06-07 09:53:38 ----A---- C:\Windows\SysWOW64\SndVol.exe
2011-06-07 09:53:38 ----A---- C:\Windows\SysWOW64\qdvd.dll
2011-06-07 09:53:38 ----A---- C:\Windows\SysWOW64\prntvpt.dll
2011-06-07 09:53:38 ----A---- C:\Windows\SysWOW64\netcenter.dll
2011-06-07 09:53:38 ----A---- C:\Windows\SysWOW64\batmeter.dll
2011-06-07 09:53:37 ----A---- C:\Windows\SysWOW64\spwizeng.dll
2011-06-07 09:53:37 ----A---- C:\Windows\SysWOW64\azroleui.dll
2011-06-07 09:53:36 ----A---- C:\Windows\SysWOW64\accessibilitycpl.dll
2011-06-07 09:53:35 ----A---- C:\Windows\SysWOW64\zipfldr.dll
2011-06-07 09:53:35 ----A---- C:\Windows\SysWOW64\MSAC3ENC.DLL
2011-06-07 09:53:35 ----A---- C:\Windows\SysWOW64\fdeploy.dll
2011-06-07 09:53:34 ----A---- C:\Windows\SysWOW64\netjoin.dll
2011-06-07 09:53:34 ----A---- C:\Windows\SysWOW64\cryptui.dll
2011-06-07 09:53:34 ----A---- C:\Windows\SysWOW64\adsldp.dll
2011-06-07 09:53:33 ----A---- C:\Windows\SysWOW64\networkmap.dll
2011-06-07 09:53:33 ----A---- C:\Windows\SysWOW64\Faultrep.dll
2011-06-07 09:53:32 ----A---- C:\Windows\SysWOW64\wusa.exe
2011-06-07 09:53:32 ----A---- C:\Windows\SysWOW64\prnfldr.dll
2011-06-07 09:53:32 ----A---- C:\Windows\SysWOW64\OnLineIDCpl.dll
2011-06-07 09:53:32 ----A---- C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2011-06-07 09:53:32 ----A---- C:\Windows\SysWOW64\ActionCenter.dll
2011-06-07 09:53:31 ----A---- C:\Windows\SysWOW64\sud.dll
2011-06-07 09:53:31 ----A---- C:\Windows\SysWOW64\photowiz.dll
2011-06-07 09:53:31 ----A---- C:\Windows\SysWOW64\msieftp.dll
2011-06-07 09:53:31 ----A---- C:\Windows\SysWOW64\MediaMetadataHandler.dll
2011-06-07 09:53:31 ----A---- C:\Windows\SysWOW64\credssp.dll
2011-06-07 09:53:30 ----A---- C:\Windows\SysWOW64\iprtrmgr.dll
2011-06-07 09:53:30 ----A---- C:\Windows\SysWOW64\iasrad.dll
2011-06-07 09:53:30 ----A---- C:\Windows\SysWOW64\ftp.exe
2011-06-07 09:53:30 ----A---- C:\Windows\SysWOW64\dot3cfg.dll
2011-06-07 09:53:30 ----A---- C:\Windows\SysWOW64\defaultlocationcpl.dll
2011-06-07 09:53:29 ----A---- C:\Windows\SysWOW64\sisbkup.dll
2011-06-07 09:53:29 ----A---- C:\Windows\SysWOW64\shwebsvc.dll
2011-06-07 09:53:29 ----A---- C:\Windows\SysWOW64\ifsutil.dll
2011-06-07 09:53:29 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2011-06-07 09:53:28 ----A---- C:\Windows\SysWOW64\efscore.dll
2011-06-07 09:53:27 ----A---- C:\Windows\SysWOW64\odbcjt32.dll
2011-06-07 09:53:27 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2011-06-07 09:53:27 ----A---- C:\Windows\SysWOW64\ActionCenterCPL.dll
2011-06-07 09:53:26 ----A---- C:\Windows\SysWOW64\syncui.dll
2011-06-07 09:53:26 ----A---- C:\Windows\SysWOW64\autoplay.dll
2011-06-07 09:53:25 ----A---- C:\Windows\SysWOW64\wmpmde.dll
2011-06-07 09:53:25 ----A---- C:\Windows\SysWOW64\ntlanman.dll
2011-06-07 09:53:25 ----A---- C:\Windows\SysWOW64\dskquoui.dll
2011-06-07 09:53:25 ----A---- C:\Windows\SysWOW64\DeviceCenter.dll
2011-06-07 09:53:24 ----A---- C:\Windows\SysWOW64\rtutils.dll
2011-06-07 09:53:24 ----A---- C:\Windows\SysWOW64\OobeFldr.dll
2011-06-07 09:53:23 ----A---- C:\Windows\SysWOW64\systemcpl.dll
2011-06-07 09:53:23 ----A---- C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2011-06-07 09:53:23 ----A---- C:\Windows\SysWOW64\ntprint.dll
2011-06-07 09:53:23 ----A---- C:\Windows\SysWOW64\nshwfp.dll
2011-06-07 09:53:22 ----A---- C:\Windows\SysWOW64\sethc.exe
2011-06-07 09:53:22 ----A---- C:\Windows\SysWOW64\riched20.dll
2011-06-07 09:53:22 ----A---- C:\Windows\SysWOW64\blackbox.dll
2011-06-07 09:53:21 ----A---- C:\Windows\SysWOW64\wmpsrcwp.dll
2011-06-07 09:53:21 ----A---- C:\Windows\SysWOW64\netplwiz.dll
2011-06-07 09:53:21 ----A---- C:\Windows\SysWOW64\NAPHLPR.DLL
2011-06-07 09:53:21 ----A---- C:\Windows\SysWOW64\migisol.dll
2011-06-07 09:53:21 ----A---- C:\Windows\SysWOW64\fms.dll
2011-06-07 09:53:21 ----A---- C:\Windows\SysWOW64\activeds.dll
2011-06-07 09:53:20 ----A---- C:\Windows\SysWOW64\nshipsec.dll
2011-06-07 09:53:20 ----A---- C:\Windows\SysWOW64\nlaapi.dll
2011-06-07 09:53:20 ----A---- C:\Windows\SysWOW64\httpapi.dll
2011-06-07 09:53:20 ----A---- C:\Windows\SysWOW64\cdosys.dll
2011-06-07 09:53:20 ----A---- C:\Windows\SysWOW64\asycfilt.dll
2011-06-07 09:53:19 ----A---- C:\Windows\SysWOW64\wuwebv.dll
2011-06-07 09:53:19 ----A---- C:\Windows\SysWOW64\wlanmsm.dll
2011-06-07 09:53:19 ----A---- C:\Windows\SysWOW64\wavemsp.dll
2011-06-07 09:53:19 ----A---- C:\Windows\SysWOW64\ReAgent.dll
2011-06-07 09:53:19 ----A---- C:\Windows\SysWOW64\msftedit.dll
2011-06-07 09:53:19 ----A---- C:\Windows\SysWOW64\isoburn.exe
2011-06-07 09:53:18 ----A---- C:\Windows\SysWOW64\tzutil.exe
2011-06-07 09:53:18 ----A---- C:\Windows\SysWOW64\provsvc.dll
2011-06-07 09:53:18 ----A---- C:\Windows\SysWOW64\dsuiext.dll
2011-06-07 09:53:18 ----A---- C:\Windows\SysWOW64\dot3ui.dll
2011-06-07 09:53:18 ----A---- C:\Windows\SysWOW64\dfrgui.exe
2011-06-07 09:53:17 ----A---- C:\Windows\SysWOW64\wvc.dll
2011-06-07 09:53:17 ----A---- C:\Windows\SysWOW64\wtsapi32.dll
2011-06-07 09:53:17 ----A---- C:\Windows\SysWOW64\wimgapi.dll
2011-06-07 09:53:17 ----A---- C:\Windows\SysWOW64\ocsetup.exe
2011-06-07 09:53:17 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2011-06-07 09:53:16 ----A---- C:\Windows\SysWOW64\webcheck.dll
2011-06-07 09:53:16 ----A---- C:\Windows\SysWOW64\twext.dll
2011-06-07 09:53:16 ----A---- C:\Windows\SysWOW64\mstask.dll
2011-06-07 09:53:15 ----A---- C:\Windows\twain_32.dll
2011-06-07 09:53:15 ----A---- C:\Windows\SysWOW64\shdocvw.dll
2011-06-07 09:53:15 ----A---- C:\Windows\SysWOW64\setupugc.exe
2011-06-07 09:53:15 ----A---- C:\Windows\SysWOW64\qcap.dll
2011-06-07 09:53:15 ----A---- C:\Windows\SysWOW64\qasf.dll
2011-06-07 09:53:15 ----A---- C:\Windows\SysWOW64\occache.dll
2011-06-07 09:53:15 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2011-06-07 09:53:14 ----A---- C:\Windows\SysWOW64\uxlib.dll
2011-06-07 09:53:14 ----A---- C:\Windows\SysWOW64\slwga.dll
2011-06-07 09:53:14 ----A---- C:\Windows\SysWOW64\msrating.dll
2011-06-07 09:53:13 ----A---- C:\Windows\SysWOW64\msvfw32.dll
2011-06-07 09:53:13 ----A---- C:\Windows\SysWOW64\imgutil.dll
2011-06-07 09:53:12 ----A---- C:\Windows\SysWOW64\WPDShServiceObj.dll
2011-06-07 09:53:12 ----A---- C:\Windows\SysWOW64\wmdrmsdk.dll
2011-06-07 09:53:12 ----A---- C:\Windows\SysWOW64\rpcrt4.dll
2011-06-07 09:53:12 ----A---- C:\Windows\SysWOW64\nslookup.exe
2011-06-07 09:53:12 ----A---- C:\Windows\SysWOW64\mciavi32.dll
2011-06-07 09:53:12 ----A---- C:\Windows\SysWOW64\DevicePairingFolder.dll
2011-06-07 09:53:12 ----A---- C:\Windows\SysWOW64\clusapi.dll
2011-06-07 09:53:12 ----A---- C:\Windows\SysWOW64\audiodev.dll
2011-06-07 09:53:11 ----A---- C:\Windows\SysWOW64\wimserv.exe
2011-06-07 09:53:11 ----A---- C:\Windows\SysWOW64\TSpkg.dll
2011-06-07 09:53:11 ----A---- C:\Windows\SysWOW64\msscp.dll
2011-06-07 09:53:11 ----A---- C:\Windows\SysWOW64\diskraid.exe
2011-06-07 09:53:11 ----A---- C:\Windows\SysWOW64\acppage.dll
2011-06-07 09:53:10 ----A---- C:\Windows\SysWOW64\remotepg.dll
2011-06-07 09:53:10 ----A---- C:\Windows\SysWOW64\rdpencom.dll
2011-06-07 09:53:10 ----A---- C:\Windows\SysWOW64\raschap.dll
2011-06-07 09:53:10 ----A---- C:\Windows\SysWOW64\perfmon.exe
2011-06-07 09:53:10 ----A---- C:\Windows\SysWOW64\drmmgrtn.dll
2011-06-07 09:53:10 ----A---- C:\Windows\bfsvc.exe
2011-06-07 09:53:09 ----A---- C:\Windows\SysWOW64\QUTIL.DLL
2011-06-07 09:53:09 ----A---- C:\Windows\SysWOW64\odbccp32.dll
2011-06-07 09:53:09 ----A---- C:\Windows\SysWOW64\NAPCRYPT.DLL
2011-06-07 09:53:09 ----A---- C:\Windows\SysWOW64\input.dll
2011-06-07 09:53:08 ----A---- C:\Windows\SysWOW64\wmpdxm.dll
2011-06-07 09:53:08 ----A---- C:\Windows\SysWOW64\vpnikeapi.dll
2011-06-07 09:53:08 ----A---- C:\Windows\SysWOW64\UserAccountControlSettings.dll
2011-06-07 09:53:08 ----A---- C:\Windows\SysWOW64\olepro32.dll
2011-06-07 09:53:08 ----A---- C:\Windows\SysWOW64\ocsetapi.dll
2011-06-07 09:53:08 ----A---- C:\Windows\SysWOW64\networkexplorer.dll
2011-06-07 09:53:07 ----A---- C:\Windows\SysWOW64\wpdwcn.dll
2011-06-07 09:53:07 ----A---- C:\Windows\SysWOW64\vdsbas.dll
2011-06-07 09:53:07 ----A---- C:\Windows\SysWOW64\onexui.dll
2011-06-07 09:53:07 ----A---- C:\Windows\SysWOW64\iTVData.dll
2011-06-07 09:53:06 ----A---- C:\Windows\SysWOW64\runonce.exe
2011-06-07 09:53:06 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2011-06-07 09:53:06 ----A---- C:\Windows\SysWOW64\msvidc32.dll
2011-06-07 09:53:06 ----A---- C:\Windows\SysWOW64\MFPlay.dll
2011-06-07 09:53:06 ----A---- C:\Windows\SysWOW64\logagent.exe
2011-06-07 09:53:06 ----A---- C:\Windows\SysWOW64\inseng.dll
2011-06-07 09:53:06 ----A---- C:\Windows\SysWOW64\eapp3hst.dll
2011-06-07 09:53:06 ----A---- C:\Windows\SysWOW64\dxdiagn.dll
2011-06-07 09:53:05 ----A---- C:\Windows\SysWOW64\wmdrmdev.dll
2011-06-07 09:53:05 ----A---- C:\Windows\SysWOW64\shacct.dll
2011-06-07 09:53:05 ----A---- C:\Windows\SysWOW64\msiexec.exe
2011-06-07 09:53:05 ----A---- C:\Windows\SysWOW64\d3d10level9.dll
2011-06-07 09:53:04 ----A---- C:\Windows\SysWOW64\wudriver.dll
2011-06-07 09:53:04 ----A---- C:\Windows\SysWOW64\wmpshell.dll
2011-06-07 09:53:04 ----A---- C:\Windows\SysWOW64\unimdmat.dll
2011-06-07 09:53:04 ----A---- C:\Windows\SysWOW64\lsmproxy.dll
2011-06-07 09:53:04 ----A---- C:\Windows\SysWOW64\iscsium.dll
2011-06-07 09:53:04 ----A---- C:\Windows\SysWOW64\bitsadmin.exe
2011-06-07 09:53:03 ----A---- C:\Windows\SysWOW64\sqlcese30.dll
2011-06-07 09:53:03 ----A---- C:\Windows\SysWOW64\rdpd3d.dll
2011-06-07 09:53:03 ----A---- C:\Windows\SysWOW64\pdh.dll
2011-06-07 09:53:03 ----A---- C:\Windows\SysWOW64\OpcServices.dll
2011-06-07 09:53:03 ----A---- C:\Windows\SysWOW64\mprapi.dll
2011-06-07 09:53:03 ----A---- C:\Windows\SysWOW64\cscapi.dll
2011-06-07 09:53:02 ----A---- C:\Windows\SysWOW64\WPDSp.dll
2011-06-07 09:53:02 ----A---- C:\Windows\SysWOW64\tsgqec.dll
2011-06-07 09:53:02 ----A---- C:\Windows\SysWOW64\srvcli.dll
2011-06-07 09:53:02 ----A---- C:\Windows\SysWOW64\QSVRMGMT.DLL
2011-06-07 09:53:02 ----A---- C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll
2011-06-07 09:53:02 ----A---- C:\Windows\SysWOW64\PortableDeviceStatus.dll
2011-06-07 09:53:02 ----A---- C:\Windows\SysWOW64\olethk32.dll
2011-06-07 09:53:02 ----A---- C:\Windows\SysWOW64\odbctrac.dll
2011-06-07 09:53:02 ----A---- C:\Windows\SysWOW64\ncryptui.dll
2011-06-07 09:53:02 ----A---- C:\Windows\SysWOW64\logman.exe
2011-06-07 09:53:01 ----A---- C:\Windows\SysWOW64\WMPhoto.dll
2011-06-07 09:53:01 ----A---- C:\Windows\SysWOW64\mapistub.dll
2011-06-07 09:53:01 ----A---- C:\Windows\SysWOW64\mapi32.dll
2011-06-07 09:53:00 ----A---- C:\Windows\SysWOW64\utildll.dll
2011-06-07 09:53:00 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2011-06-07 09:52:59 ----A---- C:\Windows\SysWOW64\WMADMOD.DLL
2011-06-07 09:52:59 ----A---- C:\Windows\SysWOW64\fphc.dll
2011-06-07 09:52:59 ----A---- C:\Windows\SysWOW64\dot3msm.dll
2011-06-07 09:52:59 ----A---- C:\Windows\SysWOW64\avifil32.dll
2011-06-07 09:52:58 ----A---- C:\Windows\SysWOW64\WMVSDECD.DLL
2011-06-07 09:52:58 ----A---- C:\Windows\SysWOW64\wmdrmnet.dll
2011-06-07 09:52:58 ----A---- C:\Windows\SysWOW64\wiavideo.dll
2011-06-07 09:52:58 ----A---- C:\Windows\SysWOW64\takeown.exe
2011-06-07 09:52:58 ----A---- C:\Windows\SysWOW64\sqmapi.dll
2011-06-07 09:52:58 ----A---- C:\Windows\SysWOW64\iyuv_32.dll
2011-06-07 09:52:57 ----A---- C:\Windows\SysWOW64\sppinst.dll
2011-06-07 09:52:57 ----A---- C:\Windows\SysWOW64\qdv.dll
2011-06-07 09:52:57 ----A---- C:\Windows\SysWOW64\msnetobj.dll
2011-06-07 09:52:57 ----A---- C:\Windows\SysWOW64\imagehlp.dll
2011-06-07 09:52:57 ----A---- C:\Windows\SysWOW64\EhStorAPI.dll
2011-06-07 09:52:56 ----A---- C:\Windows\SysWOW64\sspicli.dll
2011-06-07 09:52:56 ----A---- C:\Windows\SysWOW64\QCLIPROV.DLL
2011-06-07 09:52:56 ----A---- C:\Windows\SysWOW64\msyuv.dll
2011-06-07 09:52:56 ----A---- C:\Windows\SysWOW64\msrle32.dll
2011-06-07 09:52:56 ----A---- C:\Windows\SysWOW64\cmstp.exe
2011-06-07 09:52:56 ----A---- C:\Windows\SysWOW64\cca.dll
2011-06-07 09:52:55 ----A---- C:\Windows\SysWOW64\wsnmp32.dll
2011-06-07 09:52:55 ----A---- C:\Windows\SysWOW64\WMSPDMOD.DLL
2011-06-07 09:52:55 ----A---- C:\Windows\SysWOW64\vfwwdm32.dll
2011-06-07 09:52:55 ----A---- C:\Windows\SysWOW64\setupcln.dll
2011-06-07 09:52:55 ----A-

re,
effectivement la machine est infectée....


Fais ceci,

* Désactive ton Antivirus pour le moment.
* Télécharge Ad-Remover (de C_XX) sur le bureau.

* /!\ Déconnecte-toi et ferme toutes les applications en cours /!\
* Double clic sur le programme pour le lancer...
* Pour Vista et Seven toujours faire un clic droit, et choisir lancer comme administrateur
* Au menu principal choisis l'option "Scanner"

* /!\ Laisse travailler l'outil /!\
* Patiente jusqu'à la fin du scan sans rien faire d'autre sur ton PC.
* Un rapport apparaitra à la fin, poste le sur le forum dans ta réponse.
Si tu ne trouve pas !
(Le rapport est aussi sauvegardé sous C:\Ad-Report-SCAN.log)


ensuite passe à ceci ( avant tu poste le premier rapport )



Passons à la suppression:
-----------------------------------------------------------
* Double clic sur le programme Ad-Remover pour le lancer...
* Pour Vista et Seven toujours faire un clic droit, et choisir lancer comme administrateur
* Au menu principal choisis l'option "Nettoyer"

* /!\ Laisse travailler l'outil /!\
* Patiente jusqu'à la fin du scan sans rien faire d'autre sur ton PC.

* Un rapport apparaitra à la fin, poste le sur le forum dans ta réponse.
Si tu ne trouve pas !
(Le rapport est aussi sauvegardé sous C:\Ad-Report-SCAN.log)

comme d'hab je trouve pas le info.txt

re, pas de souci j'ai repéré l'infection passe à l'action...

voilà le rapport ad remover. j'attends ton feu vert pour faire la suppression

======= RAPPORT D'AD-REMOVER 2.0.0.2,E | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 08/02/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [8]) -> Lancé à 09:22:40 le 30/06/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
jf@JF-PC (Hewlett-Packard HP Pavilion dv7 Notebook PC)

============== RECHERCHE ==============





============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

HKLM_MozillaPlugins\Adobe Reader (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\belgiumeid@eid.belgium.be (eID België)
HKLM_Extensions|otis@digitalpersona.com - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
HKLM_Extensions|belgiumeid@eid.belgium.be - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be (x)

-- C:\Users\jf\AppData\Roaming\Mozilla\FireFox\Profiles\mimfv6up.default --
Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Community Toolbar)
Extensions\{d1a1c8f1-e3d9-48df-802f-20201061ef61} (Messenger Plus Live Belgium Community Toolbar)
Prefs.js - browser.download.lastDir, I:\\Nouveau dossier\\lol
Prefs.js - browser.startup.homepage, hxxps://www.google.be
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

-- C:\Users\cathy\AppData\Roaming\Mozilla\FireFox\Profiles\fmph1iz1.default --
Prefs.js - browser.download.lastDir, C:\\Users\\cathy\\Pictures\\chat email
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

========================================

**** Internet Explorer Version [8.0.7601.17514] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)
HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x)
HKLM_URLSearchHooks|{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)
HKCU_Toolbar\WebBrowser|{D1A1C8F1-E3D9-48DF-802F-20201061EF61} (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)
HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (x)
HKLM_Toolbar|{d1a1c8f1-e3d9-48df-802f-20201061ef61} (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)
HKLM_ElevationPolicy\00dcadab-5473-4e1f-850e-d2c86681ec75 - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\Messenger_Plus_Live_BelgiumToolbarHelper.exe (?)
HKLM_ElevationPolicy\d85bc1fd-daaf-491e-861a-706a1126db18 - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\Messenger_Plus_Live_BelgiumToolbarHelper.exe (?)
HKLM_ElevationPolicy\fe78f200-b00a-486b-89f0-0b4b6d417fd1 - C:\Program Files (x86)\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_Extensions\{0000036B-C524-4050-81A0-243669A86B9F} - "@C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600" (C:\Program Files (x86)\Windows Live\Companion\companionres.dll,200)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "Envoyer à Bluetooth" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
BHO\{395610AE-C624-4f58-B89E-23733EA00F9A} - "HP SimplePass Identity Protection Extension" (C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll)
BHO\{53707962-6F74-2D53-2644-206D7942484F} - "Spybot-S&D IE Protection" (C:\PROGRA~2\SPYBOT~1\SDHelper.dll)
BHO\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} - "Windows Live Messenger Companion Helper" (C:\Program Files (x86)\Windows Live\Companion\companioncore.dll)
BHO\{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 141 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 110 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 10/02/2011 (7591 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 27/02/2011 (5120 Octet(s))
C:\Ad-Report-CLEAN[3].txt - 11/03/2011 (5233 Octet(s))
C:\Ad-Report-CLEAN[4].txt - 11/04/2011 (5358 Octet(s))
C:\Ad-Report-CLEAN[5].txt - 27/04/2011 (5471 Octet(s))
C:\Ad-Report-CLEAN[6].txt - 17/05/2011 (11216 Octet(s))
C:\Ad-Report-CLEAN[7].txt - 28/06/2011 (6188 Octet(s))
C:\Ad-Report-SCAN[1].txt - 10/02/2011 (7897 Octet(s))
C:\Ad-Report-SCAN[2].txt - 11/03/2011 (5131 Octet(s))
C:\Ad-Report-SCAN[3].txt - 11/04/2011 (5256 Octet(s))
C:\Ad-Report-SCAN[4].txt - 27/04/2011 (5369 Octet(s))
C:\Ad-Report-SCAN[5].txt - 16/05/2011 (10990 Octet(s))
C:\Ad-Report-SCAN[6].txt - 16/05/2011 (11047 Octet(s))
C:\Ad-Report-SCAN[7].txt - 28/06/2011 (6085 Octet(s))
C:\Ad-Report-SCAN[8].txt - 30/06/2011 (6067 Octet(s))

Fin à: 09:23:34, 30/06/2011

============== E.O.F ==============

re,


Ensuite fais ceci:
Télécharge Malwarebytes' Anti-Malware (MBAM)

[*] Double clique sur le fichier téléchargé pour lancer le processus d'installation.
[*] Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
[*] Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
[*] Sélectionne "Exécuter un examen rapide"
[*] Clique sur "Rechercher"
[*] L'analyse démarre, le scan est relativement long, c'est normal.
[*] A la fin de l'analyse, un message s'affiche :


Citation

L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.


Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
[*] Ferme tes navigateurs.
[*] Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
[*] MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

ps:
--->aide visuelle sur Mbam ici

voila le rapport malware

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Version de la base de données: 6991

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

1/07/2011 11:14:41
mbam-log-2011-07-01 (11-14-30).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|)
Elément(s) analysé(s): 460523
Temps écoulé: 1 heure(s), 29 minute(s), 33 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{LHGU36O1-R534-22SH-GRVR-70457FS384N6} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{LHGU36O1-R534-22SH-GRVR-70457FS384N6} (Trojan.Agent) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Java (Trojan.Agent) -> Value: Java -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Po licies (Trojan.Agent) -> Value: Policies -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows (Trojan.Agent) -> Value: windows -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Pol icies (Trojan.Agent) -> Value: Policies -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\program files (x86)\Steam\mw2-spring2011-fix.exe (Trojan.Downloader) -> No action taken.
c:\Users\jf\downloads\mw2-spring2011-fix.exe (Trojan.Downloader) -> No action taken.
c:\Windows\System32\temp\windows.exe (Trojan.Agent) -> No action taken.
c:\Windows\SysWOW64\temp\windows.exe (Trojan.Agent) -> No action taken.

re,
je vois ceci No action taken.
fais la désinfection.....

désolé j'ai posté le rapport d'avant désinfection mais je l'ai faite après

re,
ok refais un scan avec l'outil et poste moi le rapport...même s'il n'y a rien de détecté

voilà le scan

======= RAPPORT D'AD-REMOVER 2.0.0.2,E | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 08/02/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [9]) -> Lancé à 10:57:37 le 03/07/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
jf@JF-PC (Hewlett-Packard HP Pavilion dv7 Notebook PC)

============== RECHERCHE ==============


Dossier trouvé: C:\Program Files (x86)\FunWebProducts

Clé trouvée: HKLM\Software\FunWebProducts
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

HKLM_MozillaPlugins\Adobe Reader (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\belgiumeid@eid.belgium.be (eID België)
HKLM_Extensions|otis@digitalpersona.com - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
HKLM_Extensions|belgiumeid@eid.belgium.be - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be (x)

-- C:\Users\jf\AppData\Roaming\Mozilla\FireFox\Profiles\mimfv6up.default --
Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Community Toolbar)
Extensions\{d1a1c8f1-e3d9-48df-802f-20201061ef61} (Messenger Plus Live Belgium Community Toolbar)
Prefs.js - browser.download.lastDir, C:\\Users\\jf\\Desktop\\x
Prefs.js - browser.startup.homepage, hxxps://www.google.be
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

-- C:\Users\cathy\AppData\Roaming\Mozilla\FireFox\Profiles\fmph1iz1.default --
Prefs.js - browser.download.lastDir, C:\\Users\\cathy\\Pictures\\chat email
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

========================================

**** Internet Explorer Version [8.0.7601.17514] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)
HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x)
HKLM_URLSearchHooks|{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)
HKCU_Toolbar\WebBrowser|{D1A1C8F1-E3D9-48DF-802F-20201061EF61} (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)
HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (x)
HKLM_Toolbar|{d1a1c8f1-e3d9-48df-802f-20201061ef61} (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)
HKLM_ElevationPolicy\00dcadab-5473-4e1f-850e-d2c86681ec75 - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\Messenger_Plus_Live_BelgiumToolbarHelper.exe (?)
HKLM_ElevationPolicy\d85bc1fd-daaf-491e-861a-706a1126db18 - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\Messenger_Plus_Live_BelgiumToolbarHelper.exe (?)
HKLM_ElevationPolicy\fe78f200-b00a-486b-89f0-0b4b6d417fd1 - C:\Program Files (x86)\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_Extensions\{0000036B-C524-4050-81A0-243669A86B9F} - "@C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600" (C:\Program Files (x86)\Windows Live\Companion\companionres.dll,200)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "Envoyer à Bluetooth" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
BHO\{395610AE-C624-4f58-B89E-23733EA00F9A} - "HP SimplePass Identity Protection Extension" (C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll)
BHO\{53707962-6F74-2D53-2644-206D7942484F} - "Spybot-S&D IE Protection" (C:\PROGRA~2\SPYBOT~1\SDHelper.dll)
BHO\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} - "Windows Live Messenger Companion Helper" (C:\Program Files (x86)\Windows Live\Companion\companioncore.dll)
BHO\{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 141 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 111 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 10/02/2011 (7591 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 27/02/2011 (5120 Octet(s))
C:\Ad-Report-CLEAN[3].txt - 11/03/2011 (5233 Octet(s))
C:\Ad-Report-CLEAN[4].txt - 11/04/2011 (5358 Octet(s))
C:\Ad-Report-CLEAN[5].txt - 27/04/2011 (5471 Octet(s))
C:\Ad-Report-CLEAN[6].txt - 17/05/2011 (11216 Octet(s))
C:\Ad-Report-CLEAN[7].txt - 28/06/2011 (6188 Octet(s))
C:\Ad-Report-SCAN[1].txt - 10/02/2011 (7897 Octet(s))
C:\Ad-Report-SCAN[2].txt - 11/03/2011 (5131 Octet(s))
C:\Ad-Report-SCAN[3].txt - 11/04/2011 (5256 Octet(s))
C:\Ad-Report-SCAN[4].txt - 27/04/2011 (5369 Octet(s))
C:\Ad-Report-SCAN[5].txt - 16/05/2011 (10990 Octet(s))
C:\Ad-Report-SCAN[6].txt - 16/05/2011 (11047 Octet(s))
C:\Ad-Report-SCAN[7].txt - 28/06/2011 (6085 Octet(s))
C:\Ad-Report-SCAN[8].txt - 30/06/2011 (6196 Octet(s))
C:\Ad-Report-SCAN[9].txt - 03/07/2011 (6338 Octet(s))

Fin à: 10:58:40, 03/07/2011

============== E.O.F ==============

Supression
================

* Double clic sur le programme Ad-Remover pour le lancer...
* Pour Vista et Seven toujours faire un clic droit, et choisir lancer comme administrateur
* Au menu principal choisis l'option "Nettoyer"

* /!\ Laisse travailler l'outil /!\
* Patiente jusqu'à la fin du scan sans rien faire d'autre sur ton PC.

* Un rapport apparaitra à la fin, poste le sur le forum dans ta réponse.
Si tu ne trouve pas !
(Le rapport est aussi sauvegardé sous C:\Ad-Report-SCAN.log)

voilà

======= RAPPORT D'AD-REMOVER 2.0.0.2,E | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 08/02/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [8]) -> Lancé à 18:02:34 le 03/07/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
jf@JF-PC (Hewlett-Packard HP Pavilion dv7 Notebook PC)

============== ACTION(S) ==============


Dossier supprimé: C:\Program Files (x86)\FunWebProducts

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\FunWebProducts
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

HKLM_MozillaPlugins\Adobe Reader (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\belgiumeid@eid.belgium.be (eID België)
HKLM_Extensions|otis@digitalpersona.com - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
HKLM_Extensions|belgiumeid@eid.belgium.be - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be (x)

-- C:\Users\jf\AppData\Roaming\Mozilla\FireFox\Profiles\mimfv6up.default --
Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Community Toolbar)
Extensions\{d1a1c8f1-e3d9-48df-802f-20201061ef61} (Messenger Plus Live Belgium Community Toolbar)
Prefs.js - browser.download.lastDir, C:\\Users\\jf\\Desktop\\x
Prefs.js - browser.startup.homepage, hxxps://www.google.be
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

-- C:\Users\cathy\AppData\Roaming\Mozilla\FireFox\Profiles\fmph1iz1.default --
Prefs.js - browser.download.lastDir, C:\\Users\\cathy\\Pictures\\chat email
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

========================================

**** Internet Explorer Version [8.0.7601.17514] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)
HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x)
HKLM_URLSearchHooks|{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)
HKCU_Toolbar\WebBrowser|{D1A1C8F1-E3D9-48DF-802F-20201061EF61} (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)
HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (x)
HKLM_Toolbar|{d1a1c8f1-e3d9-48df-802f-20201061ef61} (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)
HKLM_ElevationPolicy\00dcadab-5473-4e1f-850e-d2c86681ec75 - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\Messenger_Plus_Live_BelgiumToolbarHelper.exe (?)
HKLM_ElevationPolicy\d85bc1fd-daaf-491e-861a-706a1126db18 - C:\Program Files (x86)\Messenger_Plus_Live_Belgium\Messenger_Plus_Live_BelgiumToolbarHelper.exe (?)
HKLM_ElevationPolicy\fe78f200-b00a-486b-89f0-0b4b6d417fd1 - C:\Program Files (x86)\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_Extensions\{0000036B-C524-4050-81A0-243669A86B9F} - "@C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600" (C:\Program Files (x86)\Windows Live\Companion\companionres.dll,200)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "Envoyer à Bluetooth" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
BHO\{395610AE-C624-4f58-B89E-23733EA00F9A} - "HP SimplePass Identity Protection Extension" (C:\Program Files (x86)\DigitalPersona\Bin\dpotspluginie8.dll)
BHO\{53707962-6F74-2D53-2644-206D7942484F} - "Spybot-S&D IE Protection" (C:\PROGRA~2\SPYBOT~1\SDHelper.dll)
BHO\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} - "Windows Live Messenger Companion Helper" (C:\Program Files (x86)\Windows Live\Companion\companioncore.dll)
BHO\{d1a1c8f1-e3d9-48df-802f-20201061ef61} - "Messenger Plus Live Belgium Toolbar" (C:\Program Files (x86)\Messenger_Plus_Live_Belgium\tbMes1.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 142 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 126 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 10/02/2011 (7591 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 27/02/2011 (5120 Octet(s))
C:\Ad-Report-CLEAN[3].txt - 11/03/2011 (5233 Octet(s))
C:\Ad-Report-CLEAN[4].txt - 11/04/2011 (5358 Octet(s))
C:\Ad-Report-CLEAN[5].txt - 27/04/2011 (5471 Octet(s))
C:\Ad-Report-CLEAN[6].txt - 17/05/2011 (11216 Octet(s))
C:\Ad-Report-CLEAN[7].txt - 28/06/2011 (6188 Octet(s))
C:\Ad-Report-CLEAN[8].txt - 03/07/2011 (5939 Octet(s))
C:\Ad-Report-SCAN[1].txt - 10/02/2011 (7897 Octet(s))
C:\Ad-Report-SCAN[2].txt - 11/03/2011 (5131 Octet(s))
C:\Ad-Report-SCAN[3].txt - 11/04/2011 (5256 Octet(s))
C:\Ad-Report-SCAN[4].txt - 27/04/2011 (5369 Octet(s))
C:\Ad-Report-SCAN[5].txt - 16/05/2011 (10990 Octet(s))
C:\Ad-Report-SCAN[6].txt - 16/05/2011 (11047 Octet(s))
C:\Ad-Report-SCAN[7].txt - 28/06/2011 (6085 Octet(s))
C:\Ad-Report-SCAN[8].txt - 30/06/2011 (6196 Octet(s))
C:\Ad-Report-SCAN[9].txt - 03/07/2011 (6467 Octet(s))

Fin à: 18:03:59, 03/07/2011

============== E.O.F ==============