Se connecter / S'enregistrer
Votre question

Virus Lancé.Que Faire ?

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
16 Janvier 2010 16:33:13

Bonjour je viens d'ouvrir un .exe que je n'aurai pas du ouvrir ^^ Je suis donc infecté je le sais car j'ai directement fais CTRL+ALT+SUPPR Et le Gestionnaire des taches est verouillé,J'essaye de modifer le registre et la "Registre verouillé par l'administrateur"
Je dois agir vite avant que le hijacker fasse quelque chose
Voulez vous un rapport Hjack this ? Je suis en scan de Spybot la..
Aidez moi vite please merci =)

Autres pages sur : virus lance

16 Janvier 2010 17:28:23

Salut! Déjà oublie spybot, c'est dépassé! :clin: 

Ensuite fais ça:

Télécharge sur le bureau « RSIT »
* Double-clic dessus
(Avec VISTA > clic-droit et > Exécuter en tant qu'administrateur)
* Laisser « 1 month »
* Cliquer sur « Continue »
* À la fin du scan 2 rapports sont créés: « log.txt » et « info.txt »
* Copier/coller les deux rapports dans la réponse
** Note: les rapports se situent aussi dans « C:\rsit\log.txt » et « C:\rsit\info.txt »
16 Janvier 2010 19:56:13

Alors voila le LOG :

Logfile of random's system information tool 1.06 (written by random/random)
Run by AUDREY at 2010-01-16 19:53:36
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 41 MB (0%) free of 10 GB
Total RAM: 2047 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:53:48, on 16/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
F:\Avira\AntiVir Desktop\sched.exe
F:\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\AUDREY\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
F:\JEUX\iTunesHelper.exe
F:\Avira\AntiVir Desktop\avgnt.exe
F:\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\EoRezo\eorezo.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
F:\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\ctfmon.exe
F:\steam\steam.exe
C:\Program Files\USB TV\EM28XX\BDARemote.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
F:\No-IP\DUC20.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\Spybot - Search & Destroy\SpybotSD.exe
F:\Mumble\mumble.exe
F:\Mumble\dbus-daemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\AUDREY\Bureau\RSIT.exe
C:\Program Files\trend micro\AUDREY.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par IE 8 FOURNI PAR 01NET.COM
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\apocalyps32.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: EOBHO - {C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} - C:\Program Files\EoRezo\EoRezoBHO.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O3 - Toolbar: Lphant MediaBar - {7FED05BE-14FB-4A41-B0D9-79ABBC36FEE4} - C:\Program Files\Lphant Applications\Lphant MediaBar\LphantMediaBar.dll (file missing)
O4 - HKLM\..\Run: [helpr] C:\Program Files\SETI\helper.exe -loader -nolog
O4 - HKLM\..\Run: [Auto EPSON Stylus DX4200 Series sur PC] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P38 "Auto EPSON Stylus DX4200 Series sur PC" /O15 "\\PC\Imprimante" /M "Stylus DX4200"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\AUDREY\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [poisont] C:\WINDOWS\system32\miro.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] F:\pictures\AirGCFG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\JEUX\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "F:\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Security center] C:\WINDOWS\crss.exe
O4 - HKLM\..\Run: [apocalyps32] C:\WINDOWS\apocalyps32.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [eorezo] "C:\Program Files\EoRezo\eorezo.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "f:\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ewyescy] c:\documents and settings\audrey\local settings\application data\ewyescy.exe ewyescy
O4 - HKCU\..\Run: [aywcsgk] c:\documents and settings\audrey\local settings\application data\aywcsgk.exe aywcsgk
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [HKCU] C:\WINDOWS\system32\install\server.exe
O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\install\server.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\install\server.exe
O4 - HKUS\S-1-5-21-796845957-789336058-1801674531-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Administrateur')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = F:\LimeWire\LimeWire.exe
O4 - Startup: No-IP DUC.lnk = F:\No-IP\DUC20.exe
O4 - Global Startup: BDARemote.lnk = C:\Program Files\USB TV\EM28XX\BDARemote.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - F:\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - F:\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - F:\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - F:\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Service Google Update (gupdate1ca22a68e98e702) (gupdate1ca22a68e98e702) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 12784 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7009fcd4-05be-44f4-9583-93fe419ab7b0}]
Multi Media France Toolbar - C:\Program Files\Multi_Media_France\tbMul0.dll [2009-11-03 2166296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-20 669168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}]
EOBHO Class - C:\Program Files\EoRezo\EoRezoBHO.dll [2009-11-11 221184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7009fcd4-05be-44f4-9583-93fe419ab7b0} - Multi Media France Toolbar - C:\Program Files\Multi_Media_France\tbMul0.dll [2009-11-03 2166296]
{7FED05BE-14FB-4A41-B0D9-79ABBC36FEE4} - Lphant MediaBar - C:\Program Files\Lphant Applications\Lphant MediaBar\LphantMediaBar.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"helpr"=C:\Program Files\SETI\helper.exe -loader -nolog []
"Auto EPSON Stylus DX4200 Series sur PC"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P38 Auto EPSON Stylus DX4200 Series sur PC /O15 \\PC\Imprimante /M Stylus DX4200 []
"EoEngine"= []
"SoftwareHelper"=C:\Documents and Settings\AUDREY\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [2008-12-09 368224]
"MP10_EnsureFileVer"=C:\WINDOWS\inf\unregmp2.exe [2004-08-05 208896]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"poisont"=C:\WINDOWS\system32\miro.exe []
"ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2007-01-19 49152]
"D-Link D-Link Wireless G DWA-110"=F:\pictures\AirGCFG.exe []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"iTunesHelper"=F:\JEUX\iTunesHelper.exe [2009-07-13 292128]
"avgnt"=F:\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Security center"=C:\WINDOWS\crss [2010-01-13 181154]
"apocalyps32"=C:\WINDOWS\apocalyps32.exe []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-25 61440]
"eorezo"=C:\Program Files\EoRezo\eorezo.exe [2009-11-12 622592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\WINDOWS\system32\install\server.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-01 68856]
"Steam"=f:\steam\steam.exe [2009-12-06 1217808]
"ewyescy"=c:\documents and settings\audrey\local settings\application data\ewyescy.exe ewyescy []
"aywcsgk"=c:\documents and settings\audrey\local settings\application data\aywcsgk.exe aywcsgk []
"SpybotSD TeaTimer"=F:\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"HKCU"=C:\WINDOWS\system32\install\server.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\WINDOWS\system32\install\server.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Detector U]
F:\zencreativ\CTDetctu.exe /R []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyPHP]
E:\EasyPHP1-8\EasyPHP.exe [2003-10-07 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4200 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 EPSON Stylus DX4200 Series /O6 USB001 /M Stylus DX4200 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\geyyfrz]
c:\documents and settings\audrey\local settings\application data\geyyfrz.exe geyyfrz []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
F:\Itunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
C:\Program Files\Logitech\Video\ManifestEngine.exe boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
C:\WINDOWS\system32\LVCOMSX.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicHoldem]
E:\SuMagic.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MtdAcqu]
F:\zencreativ\MtdAcqu.exe /s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nTrayFw]
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe [2005-01-13 266240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OoPDFSettingsv6.exe]
C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
C:\Program Files\Winamp Remote\bin\OrbTray.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
F:\nokia6670\Nokia PC Suite 6\LaunchApplication.exe -startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealSchedule]
C:\DOCUME~1\AUDREY\LOCALS~1\realsched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2007-06-15 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSTray]
F:\p260\SMSTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-01 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
F:\GUILD WARS\uvPL.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
F:\Msn Amp\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^OFFICE One Clock v6.5.lnk]
C:\PROGRA~1\OFFICE~1.5\OF65D1~1\OONECL~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^OFFICE One Notes v6.5.lnk]
C:\PROGRA~1\OFFICE~1.5\OF3E06~1\OONOTE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
C:\PROGRA~1\Google\GOOGLE~1\GOOGLE~1.EXE [2009-03-23 161776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WG111v2 Smart Wizard Wireless Setting.lnk]
C:\PROGRA~1\NETGEAR\WG111V~1\RtlWake.exe [2005-04-15 745472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^AUDREY^Menu Démarrer^Programmes^Démarrage^Magic Holdem.lnk]
E:\MagicHoldem.exe startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^AUDREY^Menu Démarrer^Programmes^Démarrage^Xfire.lnk]
F:\Xfire\xfire.exe []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BDARemote.lnk - C:\Program Files\USB TV\EM28XX\BDARemote.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\AUDREY\Menu Démarrer\Programmes\Démarrage
LimeWire On Startup.lnk - F:\LimeWire\LimeWire.exe
No-IP DUC.lnk - F:\No-IP\DUC20.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-05-12 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"F:\Chess Master\game.exe"="F:\Chess Master\game.exe:*:Enabled:Chessmaster 10ème Edition"
"F:\nero\Nero 7\Nero Home\NeroHome.exe"="F:\nero\Nero 7\Nero Home\NeroHome.exe:*:D isabled:Nero Home"
"F:\Rise Of Nations\rise.exe"="F:\Rise Of Nations\rise.exe:*:D isabled:Rise of Nations"
"F:\WoW-2.0.0-frFR-Installer-downloader.exe"="F:\WoW-2.0.0-frFR-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"E:\eMule\emule.exe"="E:\eMule\emule.exe:*:Enabled:eMule"
"F:\msn creative\msnmsgr.exe"="F:\msn creative\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"F:\incoming2\jeux\[PC Game] Counter Strike - Condition Zero\cz\hltv.exe"="F:\incoming2\jeux\[PC Game] Counter Strike - Condition Zero\cz\hltv.exe:*:Enabled:HLTV Launcher"
"F:\CS\hl.exe"="F:\CS\hl.exe:*:Enabled:Half-Life Launcher"
"F:\Xfire\xfire.exe"="F:\Xfire\xfire.exe:*:Enabled:Xfire"
"F:\Steam\SteamApps\619_max\counter-strike\hl.exe"="F:\Steam\SteamApps\619_max\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"F:\Steam\SteamApps\619_max\ricochet\hl.exe"="F:\Steam\SteamApps\619_max\ricochet\hl.exe:*:Enabled:Half-Life Launcher"
"F:\Steam\SteamApps\619_max\condition zero deleted scenes\hl.exe"="F:\Steam\SteamApps\619_max\condition zero deleted scenes\hl.exe:*:Enabled:Half-Life Launcher"
"F:\Steam\SteamApps\619_max\deathmatch classic\hl.exe"="F:\Steam\SteamApps\619_max\deathmatch classic\hl.exe:*:Enabled:Half-Life Launcher"
"F:\WinMX\WinMX.exe"="F:\WinMX\WinMX.exe:*:Enabled:WinMX"
"F:\Steam\SteamApps\619_max\day of defeat\hl.exe"="F:\Steam\SteamApps\619_max\day of defeat\hl.exe:*:Enabled:Half-Life Launcher"
"F:\CS Bot\hl.exe"="F:\CS Bot\hl.exe:*:Enabled:Half-Life Launcher"
"F:\CS Bot\hltv.exe"="F:\CS Bot\hltv.exe:*:Enabled:HLTV Launcher"
"F:\Wolfenstein - Enemy Territory\ET.exe"="F:\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"F:\Serveur Cs\hlds.exe"="F:\Serveur Cs\hlds.exe:*:Enabled:HLDS Launcher"
"F:\Serveur Cs\hltv.exe"="F:\Serveur Cs\hltv.exe:*:Enabled:HLTV Launcher"
"F:\POD BOT\hl.exe"="F:\POD BOT\hl.exe:*:Enabled:Half-Life Launcher"
"F:\No Steam\Valve\CStrike_1.6\hl.exe"="F:\No Steam\Valve\CStrike_1.6\hl.exe:*:Enabled:Half-Life Launcher"
"F:\S2SaTstrat\stratplanner.exe"="F:\S2SaTstrat\stratplanner.exe:*:Enabled:stratplanner"
"F:\No steam\Valve\CStrike_1.6\hlds.exe"="F:\No steam\Valve\CStrike_1.6\hlds.exe:*:Enabled:HLDS Launcher"
"F:\Steam\steam.exe"="F:\Steam\steam.exe:*:Enabled:Steam"
"F:\Incoming\Counter-Strike 1.6 (CS) 300 Maps New models Nice Bot 2.0(by ind1go=)\Counter-Strike 1.6 models by Ind1go (Maps300)\CS\hl.exe"="F:\Incoming\Counter-Strike 1.6 (CS) 300 Maps New models Nice Bot 2.0(by ind1go=)\Counter-Strike 1.6 models by Ind1go (Maps300)\CS\hl.exe:*:Enabled:Half-Life Launcher"
"F:\Incoming\Counter-Strike 1.6 (CS) 300 Maps New models Nice Bot 2.0(by ind1go=)\Counter-Strike 1.6 models by Ind1go (Maps300)\CS\hlds.exe"="F:\Incoming\Counter-Strike 1.6 (CS) 300 Maps New models Nice Bot 2.0(by ind1go=)\Counter-Strike 1.6 models by Ind1go (Maps300)\CS\hlds.exe:*:Enabled:HLDS Launcher"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Motorola\Software Update\msu.exe"="C:\Program Files\Motorola\Software Update\msu.exe:*:Enabled:msu"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:o rb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:o rbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:o rb Stream Client"
"F:\Psp\emule.exe"="F:\Psp\emule.exe:*:Enabled:eMule"
"F:\LW\LimeWire.exe"="F:\LW\LimeWire.exe:*:Enabled:LimeWire"
"F:\Incoming\Counter-Strike 1.6 (CS) 300 Maps New models Nice Bot 2.0(by ind1go=)\Counter-Strike 1.6 models by Ind1go (Maps300)\CS\hltv.exe"="F:\Incoming\Counter-Strike 1.6 (CS) 300 Maps New models Nice Bot 2.0(by ind1go=)\Counter-Strike 1.6 models by Ind1go (Maps300)\CS\hltv.exe:*:Enabled:HLTV Launcher"
"E:\POD\hl.exe"="E:\POD\hl.exe:*:Enabled:Half-Life Launcher"
"E:\POD\hltv.exe"="E:\POD\hltv.exe:*:Enabled:HLTV Launcher"
"E:\POD\hlds.exe"="E:\POD\hlds.exe:*:Enabled:HLDS Launcher"
"F:\Lphant\eLePhantClient.exe"="F:\Lphant\eLePhantClient.exe:*:Enabled:Lphant"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"F:\LimeWire\LimeWire.exe"="F:\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"F:\HLDS\hlds.exe"="F:\HLDS\hlds.exe:*:Enabled:HLDS Launcher"
"F:\HLDS\hltv.exe"="F:\HLDS\hltv.exe:*:Enabled:HLTV Launcher"
"F:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe"="F:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"F:\eMule\emule.exe"="F:\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Lphant Applications\Lphant\Lphant.exe"="C:\Program Files\Lphant Applications\Lphant\Lphant.exe:*:Enabled:Lphant"
"F:\Steam\SteamApps\619_max\condition zero\hl.exe"="F:\Steam\SteamApps\619_max\condition zero\hl.exe:*:Enabled:Half-Life Launcher"
"F:\cs2\LimeWire.exe"="F:\cs2\LimeWire.exe:*:Enabled:LimeWire.exe"
"F:\Cs2\LimeWire\LimeWire.exe"="F:\Cs2\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"F:\Steam\SteamApps\619_max\counter-strike source\hl2.exe"="F:\Steam\SteamApps\619_max\counter-strike source\hl2.exe:*:Enabled:hl2"
"F:\Steam\SteamApps\619_max\day of defeat source\hl2.exe"="F:\Steam\SteamApps\619_max\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"F:\Steam\SteamApps\619_max\half-life 2 deathmatch\hl2.exe"="F:\Steam\SteamApps\619_max\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"C:\Documents and Settings\AUDREY\Local Settings\Temp\~AceTemp\Py[1]\Poison Ivy 2.3.2.exe"="C:\Documents and Settings\AUDREY\Local Settings\Temp\~AceTemp\Py[1]\Poison Ivy 2.3.2.exe:*:Enabled:p oison Ivy 2.3.2"
"F:\PoisonI\Poison Ivy 2.3.2.exe"="F:\PoisonI\Poison Ivy 2.3.2.exe:*:Enabled:p oison Ivy 2.3.2"
"C:\Documents and Settings\AUDREY\temp\TeamViewer\Version4\TeamViewer.exe"="C:\Documents and Settings\AUDREY\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Documents and Settings\AUDREY\Local Settings\Temp\~AceTemp\Cerberus[1]\Cerberus.exe"="C:\Documents and Settings\AUDREY\Local Settings\Temp\~AceTemp\Cerberus[1]\Cerberus.exe:*:Enabled:Cerberus"
"C:\Documents and Settings\AUDREY\Local Settings\Temp\~AceTemp\Bifrost 1.2.1d[1]\Bifrost 1.2d.exe"="C:\Documents and Settings\AUDREY\Local Settings\Temp\~AceTemp\Bifrost 1.2.1d[1]\Bifrost 1.2d.exe:*:Enabled:Bifrost 1.2.1"
"F:\mIRC\mirc.exe"="F:\mIRC\mirc.exe:*:Enabled:mIRC"
"E:\EasyPHP1-8\mysql\bin\mysqld.exe"="E:\EasyPHP1-8\mysql\bin\mysqld.exe:*:Enabled:mysqld"
"F:\Steam\SteamApps\stuart13\counter-strike source\hl2.exe"="F:\Steam\SteamApps\stuart13\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Documents and Settings\AUDREY\Local Settings\Temp\~AceTemp\Lost%20Door%20V4.2%20light[1]\Lost Door V4.2 Light\Lost Door V4.2.exe"="C:\Documents and Settings\AUDREY\Local Settings\Temp\~AceTemp\Lost%20Door%20V4.2%20light[1]\Lost Door V4.2 Light\Lost Door V4.2.exe:*:Enabled:By OussamiO"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"F:\Bifrost\Bifrost 1.2d.exe"="F:\Bifrost\Bifrost 1.2d.exe:*:Enabled:Bifrost 1.2.1"
"F:\Apokalypse-Rat\Nouveau dossier\Client.exe"="F:\Apokalypse-Rat\Nouveau dossier\Client.exe:*:Enabled:Client"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"F:\JEUX\iTunes.exe"="F:\JEUX\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\AUDREY\temp\TeamViewer\Version5\TeamViewer.exe"="C:\Documents and Settings\AUDREY\temp\TeamViewer\Version5\TeamViewer.exe:*:Enabled:TeamViewer"
"F:\Skype\Phone\Skype.exe"="F:\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{49970a86-b126-11dc-8d0e-000fb5d23f27}]
shell\AutoRun\command - G:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp
shell\explore\command - G:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp
shell\Open\command - G:\.\Recycler\S-1-5-21-3318671052-061502871-8581524341-500\~WRL0258.tmp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad14355d-744d-11da-9700-806d6172696f}]
shell\AutoRun\command - D:\Autorun.exe


======List of files/folders created in the last 1 months======

2010-01-16 19:53:37 ----D---- C:\Program Files\trend micro
2010-01-16 19:53:36 ----DC---- C:\rsit
2010-01-16 16:16:15 ----D---- C:\WINDOWS\system32\install
2010-01-13 12:30:22 ----D---- C:\Documents and Settings\AUDREY\Application Data\PhotoFiltre
2010-01-10 20:28:00 ----D---- C:\Documents and Settings\AUDREY\Application Data\LimeWire
2010-01-09 16:25:00 ----A---- C:\WINDOWS\ATICIM.INI
2010-01-06 14:39:59 ----D---- C:\Program Files\Fichiers communs\ATI Technologies
2010-01-06 14:39:48 ----D---- C:\Program Files\DIFX
2010-01-06 14:39:45 ----D---- C:\Program Files\USB TV
2009-12-31 14:43:10 ----A---- C:\WINDOWS\zip.exe
2009-12-31 14:43:10 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-12-31 14:43:10 ----A---- C:\WINDOWS\SWSC.exe
2009-12-31 14:43:10 ----A---- C:\WINDOWS\SWREG.exe
2009-12-31 14:43:10 ----A---- C:\WINDOWS\sed.exe
2009-12-31 14:43:10 ----A---- C:\WINDOWS\PEV.exe
2009-12-31 14:43:10 ----A---- C:\WINDOWS\NIRCMD.exe
2009-12-31 14:43:10 ----A---- C:\WINDOWS\MBR.exe
2009-12-31 14:43:10 ----A---- C:\WINDOWS\grep.exe
2009-12-31 14:43:03 ----D---- C:\WINDOWS\ERDNT
2009-12-31 14:33:40 ----DC---- C:\Qoobox
2009-12-31 13:32:21 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
2009-12-31 13:24:52 ----DC---- C:\Advanced Wheel Mouse
2009-12-31 13:15:40 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-12-30 22:00:21 ----D---- C:\WINDOWS\SoftwareDistribution
2009-12-30 21:56:51 ----HD---- C:\Program Files\WindowsUpdate
2009-12-30 21:10:55 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-12-30 20:51:34 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2009-12-19 18:27:38 ----D---- C:\Documents and Settings\AUDREY\Application Data\KC Softwares
2009-12-19 18:27:13 ----A---- C:\WINDOWS\system32\macdll.dll
2009-12-18 18:48:44 ----D---- C:\Program Files\EoRezo
2009-12-18 15:03:46 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-12-18 14:53:38 ----D---- C:\Program Files\ATI
2009-12-18 12:38:16 ----A---- C:\WINDOWS\IDM.dll
2009-12-18 12:38:06 ----A---- C:\WINDOWS\Messenger.dll
2009-12-18 12:25:50 ----D---- C:\WINDOWS\Logs

======List of files/folders modified in the last 1 months======

2010-01-16 19:53:45 ----D---- C:\WINDOWS\Prefetch
2010-01-16 19:53:37 ----RD---- C:\Program Files
2010-01-16 19:51:56 ----D---- C:\Documents and Settings\AUDREY\Application Data\Mumble
2010-01-16 19:48:15 ----D---- C:\WINDOWS\Temp
2010-01-16 19:48:13 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-16 19:45:51 ----SD---- C:\WINDOWS\Tasks
2010-01-16 19:34:13 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2010-01-16 16:16:15 ----D---- C:\WINDOWS\system32
2010-01-14 14:07:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-13 16:21:18 ----A---- C:\WINDOWS\system32\SpoonUninstall.exe
2010-01-13 11:48:21 ----D---- C:\WINDOWS
2010-01-10 16:59:47 ----HD---- C:\WINDOWS\inf
2010-01-09 18:32:50 ----D---- C:\Documents and Settings\AUDREY\Application Data\codeblocks
2010-01-09 16:28:00 ----SHD---- C:\WINDOWS\Installer
2010-01-09 16:28:00 ----HD---- C:\Config.Msi
2010-01-08 21:34:59 ----D---- C:\Documents and Settings\AUDREY\Application Data\mIRC
2010-01-06 14:41:18 ----D---- C:\WINDOWS\system32\CatRoot
2010-01-06 14:39:59 ----D---- C:\Program Files\Fichiers communs
2010-01-06 14:39:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-06 14:39:45 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-06 14:28:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-06 14:28:48 ----D---- C:\WINDOWS\system32\drivers
2010-01-04 18:04:44 ----AC---- C:\WINDOWS\ntbtlog.txt
2010-01-02 22:41:58 ----D---- C:\WINDOWS\system
2010-01-02 11:10:40 ----D---- C:\Program Files\BitGrabber
2010-01-02 01:58:34 ----D---- C:\WINDOWS\twain_32
2010-01-02 01:48:01 ----RSD---- C:\WINDOWS\Fonts
2010-01-01 20:27:48 ----D---- C:\WINDOWS\network diagnostic
2010-01-01 03:22:07 ----A---- C:\WINDOWS\imsins.BAK
2009-12-31 13:25:05 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-31 13:15:18 ----D---- C:\Documents and Settings\AUDREY\Application Data\teamspeak2
2009-12-19 11:28:19 ----A---- C:\WINDOWS\win.ini
2009-12-18 14:53:03 ----D---- C:\Program Files\ATI Technologies
2009-12-18 14:53:01 ----RSD---- C:\WINDOWS\assembly
2009-12-18 14:50:28 ----D---- C:\WINDOWS\WinSxS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 avgio;avgio; \??\F:\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2003-03-05 49600]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-10 56816]
R2 EAPPkt;Realtek EAPPkt Protocol; C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2005-04-01 66048]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-05-12 3007488]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-10 4449280]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-05-21 46080]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-05-21 19968]
R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2005-04-21 112384]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
S1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-05 41600]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-03-25 2314560]
S3 BTCFilterService;USB Networking Driver Filter Service; C:\WINDOWS\system32\DRIVERS\motfilt.sys []
S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2004-10-08 326656]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-01-17 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-01-17 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-01-17 21568]
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys []
S3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]
S3 LVUVC;Logitech QuickCam Ultra Vision(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys []
S3 motccgp;Motorola USB Composite Device Driver; C:\WINDOWS\system32\DRIVERS\motccgp.sys []
S3 motccgpfl;MotCcgpFlService; C:\WINDOWS\system32\DRIVERS\motccgpfl.sys []
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys []
S3 MotoSwitchService;MotoSwitch Service; C:\WINDOWS\system32\DRIVERS\motswch.sys []
S3 Motousbnet;Motorola USB Networking Driver Service; C:\WINDOWS\system32\DRIVERS\Motousbnet.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys []
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS []
S3 RT73;D-Link USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\Dr71WU.sys [2006-12-21 429440]
S3 SjyPkt;SjyPkt; \??\C:\WINDOWS\System32\Drivers\SjyPkt.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-07-09 39424]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 vhack;vhack; \??\F:\Cheat CS\vhack\vhack.sys []
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WINIO;WINIO; \??\D:\winio.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirMailService;Avira AntiVir MailGuard; F:\Avira\AntiVir Desktop\avmailc.exe [2009-05-11 194817]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; F:\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; F:\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirWebService;Avira AntiVir WebGuard; F:\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-05-12 434945]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-05-12 540672]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2005-01-13 139264]
R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2004-11-30 20543]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2005-01-13 131133]
R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2005-01-13 57409]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-11-06 66872]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 ANIWZCSdService;ANIWZCSd Service; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2007-01-19 49152]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-05-12 593920]
S2 gupdate1ca22a68e98e702;Service Google Update (gupdate1ca22a68e98e702); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-21 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-23 183280]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-11-18 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe [2007-11-15 68096]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-05 14336]
|||||||||||||


ET voila le info :

info.txt logfile of random's system information tool 1.06 2010-01-16 19:53:57

======Uninstall list======

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
ANIO Service-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}\Setup.exe"
ANIWZCS2 Service-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C590030-7469-453E-8589-D15DA9D03F52}\Setup.exe"
Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x444e
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
Avira AntiVir Premium-->F:\Avira\AntiVir Desktop\setup.exe /REMOVE
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CharMap-->MsiExec.exe /I{1F040763-38E7-4CDE-8519-AA6C364F1992}
Condition Zero-->"F:\Steam\steam.exe" steam://uninstall/80
Correctif Lecteur Windows Media 10 - KB895316-->"C:\WINDOWS\$NtUninstallKB895316$\spuninst\spuninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Counter Strike 1.6 - By PirocaHP.F!N4LShare-->C:\WINDOWS\unvise32.exe e:\POD\uninstal_cs.log
Counter-Strike(TM)-->MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
Counter-Strike: Source-->"F:\steam\steam.exe" steam://uninstall/240
Counter-Strike-->"F:\Steam\steam.exe" steam://uninstall/10
Creative System Information-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove
Day of Defeat: Source-->"F:\steam\steam.exe" steam://uninstall/300
dBpoweramp Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
Decal Converter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5BB207D6-0E1E-11D5-9B6A-00C04F7EC248}\Setup.exe"
DivX Web Player-->F:\DivX\DivXWebPlayerUninstall.exe /PLUGIN
D-Link Wireless G DWA-110-->C:\Program Files\InstallShield Installation Information\{5F753314-628E-4C13-B8AE-BFA7FD514CBE}\setup.exe -runfromtemp -l0x040c -removeonly
Driver Genius Professional Edition-->"F:\DriverGenius\unins000.exe"
eMule-->"F:\eMule\Uninstall.exe"
EoRezo 1.0-->"C:\Program Files\EoRezo\unins000.exe"
Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
Fraps-->"F:\Fraps\uninstall.exe"
Gestionnaire de disques amovible Creative-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x40c /remove
Google Toolbar for Firefox-->C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\Firefox_Toolbar_Uninstaller.exe
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\AUDREY\Local Settings\Temporary Internet Files\Content.IE5\6RACRBW7\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
HP Customer Participation Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Manager 1.0-->C:\Program Files\HP\Digital Imaging\DocumentManager\hpzscr01.exe -datfile hpqbud18.dat
HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Officejet J4500 Series-->C:\Program Files\HP\Digital Imaging\{CD0773D5-C18E-495c-B39B-21A96415EDD5}\setup\hpzscr01.exe -datfile hpwscr19.dat -forcereboot
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 10.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{11B83AD3-7A46-4C2E-A568-9505981D4C6F}
Ink-->MsiExec.exe /I{9FCB2876-554D-491D-A2CD-58F8252D6C64}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
KC Softwares AudioGrail-->"F:\AudioGrail\unins000.exe"
Kill Process 5.0.0.5 (désinstaller seulement)-->"F:\Kill Process\uninstall.exe"
Les Sims Abracadabra-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A00D1BA-D03A-44E5-AF28-86A1F377DF61}\setup.exe" -l040c
LimeWire 5.4.6-->"F:\LimeWire\uninstall.exe"
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Logitech Updater-->MsiExec.exe /I{53735ECE-E461-4FD0-B742-23A352436D3A}
Ma-Config.com-->MsiExec.exe /X{D1874C3B-A0A5-446F-B76C-5265F11D8A1A}
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
MediaBar 2.0-->C:\Program Files\Lphant Applications\Lphant MediaBar\Uninstall.exe
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live-->"F:\Messenger Plus\Uninstall.exe"
Micro Application - Jeu de Tarot-->C:\WINDOWS\IsUn040c.exe -f"e:\Tarot En Force\Uninst.isu"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
mIRC-->F:\mIRC\uninstall.exe _?=F:\mIRC
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905915)-->"C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"C
17 Janvier 2010 00:53:31

En effet infections! Et pas qu'un peu :lol: 

Télécharger sur le bureau Navilog1.exe

*double-clic dessus pour l'installer et le lancer
Quand installé
* Taper « F »
* Appuyer sur une touche jusqu'à arriver aux options
* Choisir « Recherche et désinfection automatique » ( = taper 1 )
* un rapport : fixnavi.txt dans ==> C:\
* le copier/coller dans la réponse

+

Télécharge sur le bureau « AD-Remover »
* Double clique sur le programme d'installation , et installe le dans son emplacement par défaut.
* Double clic sur le nouveau raccourci sur le bureau => « Ad-remover »
* Au menu principal choisi l'option « S »
* Poste le rapport qui apparait à la fin.
** Note: le rapport se situe aussi dans « C:\Ad-Report-SCAN.log »

---

* Relances « Ad-remover » : au menu principal choisi l'option « L »
* Postes le rapport qui apparait à la fin
** Note: le rapport se situe aussi dans « C:\Ad-Report-CLEAN.log »

+

Télécharger sur le bureau Malwarebyte's Anti-Malware

* Double-clic sur « mbam-setup » pour lancer l'installation
* Installer simplement sans rien modifier
* Quand le programme lancé ==> onglet « Mise à jour » cliquer sur ==> « Recherche de mise à jour »
Onglet « Recherche » ==> cocher « Exécuter un examen complet »
* Clic « Rechercher »
* Cocher tous les disque dur
* Clic « Lancer l'examen »
* En fin de scan , si infection trouvée
==> Clic « Afficher résultat »
* Fermer vos applications en cours
* Vérifier si tout est coché et clic « Supprimer la sélection »

* un rapport s'ouvre le copier et le coller dans la réponse
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS