Se connecter / S'enregistrer
Votre question

Urgent, je suis vraiment pas expert en infos...

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
25 Juillet 2009 04:48:58

J'ai cliqué sur un lien, sur un site web, pour télécharger une vidéo. Ne voyant pas de mise en gare de mon système "avast4.8" et le site internet ne m'a pas plus fait douter que ça... j'ai cliqué, puis j'ai mis "exécuter" et d'un coups, boum, voici ce que je vois en arrière plan ! (aucun problème, enfin pas à ce que je sache, mais cette image ne peux pas se changer, j'ai étant dans panneau de config. pour la changerc'est IMP !) Que faire ? Qu'est-ce-que c'est ?


Autres pages sur : urgent vraiment expert infos

a c 296 8 Sécurité
25 Juillet 2009 04:54:05

Bonjour,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    25 Juillet 2009 05:00:53

    J'ai fais exécuter le logiciel que vous m'avez proposé, et quand je clik 2 fois dessus (sur RSIT qui apparaît sur mon bureau) ça me marque :

    C: /RSIT.exe n'est pas une application Win32 valide.

    -------

    J'ai un Windows XP de la marque "Unika" si ça peut être une raison :$

    -------

    J'ai réussi à le faire lancer... je vous tiens au courant d'ici peu...
    Contenus similaires
    a c 296 8 Sécurité
    25 Juillet 2009 05:12:59

    Ok.
    25 Juillet 2009 05:13:53

    Dois-je vous copier/coller les rapports ? (sachant qu'il y a "info - Bloc-notes" et "log - Bloc-notes")
    De plus j'ai remarqué qu'il y faisait apparaître des informations personnelles, du type "Nom de Famille" est-ce grave si je divulgue ceci sur ce site publique ?
    a c 296 8 Sécurité
    25 Juillet 2009 05:21:50

    Citation :
    Dois-je vous copier/coller les rapports ? (sachant qu'il y a "info - Bloc-notes" et "log - Bloc-notes" )

    --> Oui.

    Citation :
    De plus j'ai remarqué qu'il y faisait apparaître des informations personnelles, du type "Nom de Famille" est-ce grave si je divulgue ceci sur ce site publique ?

    --> Non et au pire, tu peux effacer ton message.
    25 Juillet 2009 05:44:22

    Info - Bloc-Notes:

    info.txt logfile of random's system information tool 1.06 2009-07-25 05:06:22

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    325 USB PC Camera _beta-->C:\Program Files\InstallShield Installation Information\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}\setup.exe -runfromtemp -l0x040c -removeonly
    Adibou, Je lis, Je calcule 6-7-->C:\WINDOWS\unvise32.exe C:\Program Files\Coktel\Adibou\Adibou, Je lis, Je calcule 6-7\uninstal.log
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
    Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
    Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x040c -removeonly
    Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Ares 2.1.1-->"C:\Program Files\Ares\uninstall.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    ConsumerUpdate-->MsiExec.exe /I{7C6999B2-1A35-4F2C-8DB7-3CB46B640CC9}
    Cooking Dash(TM) Deluxe-->"C:\Program Files\Zylom Games\Cooking Dash(TM) Deluxe\GameInstlr.exe" --uninstall UnInstall.log
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Dairy Dash Deluxe-->"C:\Program Files\Zylom Games\Dairy Dash Deluxe\GameInstlr.exe" --uninstall UnInstall.log
    Digital Camera-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1205500-2179-11D7-B0B9-0000E24D4B29}\setup.exe"
    D-Jix Media-->MsiExec.exe /X{8A236D8D-5092-4791-83EE-A3491227B150}
    Dofus 1.27.0-->C:\Program Files\Dofus\uninstall.exe
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    eoEngine 9.1-->"C:\Program Files\EoRezo\unins000.exe"
    Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
    Favorit-->"c:\documents and settings\patrick\local settings\application data\cgeckii.exe" -uninstall
    Gadwin PrintScreen-->C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe
    Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
    GameCenter-->C:\Program Files\Cyanide\GameCenter\uninstall.exe
    Google Gears-->MsiExec.exe /I{F724042F-367A-3B58-9BE3-8EF7A6F058D6}
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
    HP Extended Capabilities 5.3-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
    HP Image Zone 5.3-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Image Zone Express-->MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
    HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
    HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
    HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
    HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    Icatch(IV) Camera Driver-->Rundll32 advpack.dll,LaunchINFSectionEx C:\WINDOWS\CA533A.ini, Ca533AUnInstall
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    LimeWire 5.1.2-->"C:\Program Files\LimeWire\uninstall.exe"
    Ma-Config.com-->MsiExec.exe /X{D1874C3B-A0A5-446F-B76C-5265F11D8A1A}
    Marine Park Empire-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{977CD9E4-2CE7-46AC-BBEC-FC2B9696464B} /l1036
    McDonald's Fairies-->C:\Program Files\McDonaldsFairies\uninstall.exe
    Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
    Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Works 6-9 Converter-->MsiExec.exe /X{172423F9-522A-483A-AD65-03600CE4CA4F}
    Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Mission Equitation-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DA98964-804D-4DCF-AD6A-DE9D9EF3A825}\setup.exe" -l0x40c -removeonly
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Nero 7 Ultra Edition-->MsiExec.exe /I{43FFE159-3199-4188-A1CD-629166AD1036}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NETGEAR GA511 Smart Wizard Utility-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{52CAD7C7-1E41-43FE-8613-AB9D79B2DBBC}
    Nokia Connectivity Cable Driver-->MsiExec.exe /X{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}
    Nokia Music-->MsiExec.exe /I{BEC99D86-1D70-4AB8-8D15-E116392F9B7D}
    Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Nokia_PC_Suite_6_84_10_3_EA.exe
    Nokia PC Suite-->MsiExec.exe /I{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
    OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Pacific Poker-->C:\PROGRA~1\PACIFI~1\UNWISE.EXE C:\PROGRA~1\PACIFI~1\INSTALL.LOG
    Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
    Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf
    Package de pilotes Windows - Nokia Modem (05/24/2007 6.84.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf
    Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
    PC Connectivity Solution-->MsiExec.exe /I{D848D140-41C3-4A53-86D8-E866A100B4CD}
    PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"
    Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
    Pixia 3.3b-->"C:\Program Files\Seagrand\Pixia\unins000.exe"
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    Ranch Rush Deluxe-->"C:\Program Files\Zylom Games\Ranch Rush Deluxe\GameInstlr.exe" --uninstall UnInstall.log
    Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Sierra Utilities-->C:\Program Files\Sierra On-Line\sutil32.exe uninstall
    Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
    SoftwareUpdate 1.0-->"C:\Documents and Settings\Patrick\Application Data\eoRezo\SoftwareUpdate\unins000.exe"
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
    Warzone 2100-->C:\Program Files\Warzone 2100\uninstall.exe
    WebMediaPlayer-->C:\Program Files\WebMediaPlayer\uninst.exe
    Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
    Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
    Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
    Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
    Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    World of Warcraft-->C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe
    XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

    ======Security center information======

    AV: avast! antivirus 4.8.1335 [VPS 090724-0]

    ======System event log======

    Computer Name: CHOUAIB-BE00B00
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Realtek LANPkt Protocol.

    Record Number: 53720170
    Source Name: Service Control Manager
    Time Written: 20090725044645.000000+120
    Event Type: Informations
    User: CHOUAIB-BE00B00\Patrick

    Computer Name: CHOUAIB-BE00B00
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Diag69xp.

    Record Number: 53720169
    Source Name: Service Control Manager
    Time Written: 20090725044644.000000+120
    Event Type: Informations
    User: CHOUAIB-BE00B00\Patrick

    Computer Name: CHOUAIB-BE00B00
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Realtek LANPkt Protocol.

    Record Number: 53720168
    Source Name: Service Control Manager
    Time Written: 20090725044644.000000+120
    Event Type: Informations
    User: CHOUAIB-BE00B00\Patrick

    Computer Name: CHOUAIB-BE00B00
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Diag69xp.

    Record Number: 53720167
    Source Name: Service Control Manager
    Time Written: 20090725044643.000000+120
    Event Type: Informations
    User: CHOUAIB-BE00B00\Patrick

    Computer Name: CHOUAIB-BE00B00
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Realtek LANPkt Protocol.

    Record Number: 53720166
    Source Name: Service Control Manager
    Time Written: 20090725044643.000000+120
    Event Type: Informations
    User: CHOUAIB-BE00B00\Patrick

    =====Application event log=====

    Computer Name: CHOUAIB-BE00B00
    Event Code: 20
    Message:
    Record Number: 10995
    Source Name: Google Update
    Time Written: 20090625075718.000000+120
    Event Type: erreur
    User: AUTORITE NT\SYSTEM

    Computer Name: CHOUAIB-BE00B00
    Event Code: 20
    Message:
    Record Number: 10994
    Source Name: Google Update
    Time Written: 20090625065727.000000+120
    Event Type: erreur
    User: CHOUAIB-BE00B00\Patrick

    Computer Name: CHOUAIB-BE00B00
    Event Code: 20
    Message:
    Record Number: 10993
    Source Name: Google Update
    Time Written: 20090625065718.000000+120
    Event Type: erreur
    User: AUTORITE NT\SYSTEM

    Computer Name: CHOUAIB-BE00B00
    Event Code: 20
    Message:
    Record Number: 10992
    Source Name: Google Update
    Time Written: 20090625055727.000000+120
    Event Type: erreur
    User: CHOUAIB-BE00B00\Patrick

    Computer Name: CHOUAIB-BE00B00
    Event Code: 20
    Message:
    Record Number: 10991
    Source Name: Google Update
    Time Written: 20090625055718.000000+120
    Event Type: erreur
    User: AUTORITE NT\SYSTEM

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=C:\Program Files\Nokia\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 0, AuthenticAMD
    "PROCESSOR_REVISION"=2f00
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
    "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

    -----------------EOF-----------------
    a c 296 8 Sécurité
    25 Juillet 2009 05:45:31

    Ok, je vois déjà plusieurs infections. Le rapport log va le confirmer.
    25 Juillet 2009 05:45:58

    .
    .
    Log - Bloc-Notes:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Patrick at 2009-07-25 05:41:26
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 120 GB (67%) free of 180 GB
    Total RAM: 1022 MB (25% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 05:41:31, on 25/07/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16850)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\tsnp325.exe
    C:\WINDOWS\vsnp325.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\EoRezo\EoEngine.exe
    C:\Documents and Settings\Patrick\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\documents and settings\patrick\local settings\application data\cgeckii.exe
    C:\Program Files\NETGEAR GA511 Adapter\GA511.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Scheduler.exe
    C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe
    C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Patrick\Local Settings\Temporary Internet Files\Content.IE5\880A8M3D\RSIT[1].exe
    C:\Program Files\trend micro\Patrick.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
    O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
    O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Patrick\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer /watchfiles
    O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
    O4 - HKLM\..\Run: [winupdate.exe] C:\WINDOWS\system32\winupdate.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MagsBin] C:\DOCUME~1\Patrick\APPLIC~1\BURNHO~1\Rdr spam 32.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [cgeckii] "c:\documents and settings\patrick\local settings\application data\cgeckii.exe" cgeckii
    O4 - HKCU\..\Run: [QUAD Windows service] C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe -h
    O4 - HKCU\..\Run: [QUAD Scheduler] C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Scheduler.exe
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; .NET CLR 2.0.50727; InfoPath.1; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 1.1.4322)" -"http://www8.agame.com/games/shockwave/h/horse_eventing/..."
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
    O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextfr.oberon-media.com/Gameshell/GameHost/1...
    O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/z...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Update Service (gupdate1c9a5c6888afccc) (gupdate1c9a5c6888afccc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 16190 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-412668190-725345543-1004Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-412668190-725345543-1004UA.job
    C:\WINDOWS\tasks\MP Scheduled Scan.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-01-29 1088296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-20 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-14 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-28 669168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}]
    EoBHO Class - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll [2008-11-18 42792]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-25 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-20 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
    Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll [2009-07-17 2097152]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-20 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-14 259696]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
    "tsnp325"=C:\WINDOWS\tsnp325.exe [2006-10-10 270336]
    "snp325"=C:\WINDOWS\vsnp325.exe [2006-10-10 827392]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-20 136600]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "EoEngine"=C:\Program Files\EoRezo\EoEngine.exe [2009-02-23 472872]
    "SoftwareHelper"=C:\Documents and Settings\Patrick\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [2008-12-09 368224]
    "PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
    "NokiaMServer"=C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer /watchfiles []
    "Nokia FastStart"=C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-02-26 2376992]
    "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
    "Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-04-26 68592]
    "winupdate.exe"=C:\WINDOWS\system32\winupdate.exe [2009-07-25 43008]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
    "MagsBin"=C:\DOCUME~1\Patrick\APPLIC~1\BURNHO~1\Rdr spam 32.exe []
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
    "Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2007-08-20 495616]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]
    "Google Update"=C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-25 133104]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-02 68856]
    "Steam"=C:\Program Files\Steam\Steam.exe [2009-06-12 1217784]
    "ares"=C:\Program Files\Ares\Ares.exe [2009-02-03 1004544]
    "cgeckii"=c:\documents and settings\patrick\local settings\application data\cgeckii.exe [2009-07-17 254976]
    "QUAD Windows service"=C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe [2009-07-10 16016136]
    "QUAD Scheduler"=C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Scheduler.exe [2009-01-21 61440]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE [2008-12-06 460216]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    GA511 Smart Wizard Utility.lnk - C:\WINDOWS\Installer\{52CAD7C7-1E41-43FE-8613-AB9D79B2DBBC}\NewShortcut1.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Démarrage
    Outil de notification Live Search.lnk - C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 240128]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "ConsentPromptBehaviorAdmin"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSetActiveDesktop"=1
    "NoActiveDesktopChanges"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoSetActiveDesktop"=
    "NoActiveDesktopChanges"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Documents and Settings\Patrick\Bureau\WoW-frFR-Installer-downloader.exe"="C:\Documents and Settings\Patrick\Bureau\WoW-frFR-Installer-downloader.exe:*:Enabled:WoW-frFR-Installer-downloader"
    "C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
    "C:\Program Files\Cyanide\Loki\Loki.exe"="C:\Program Files\Cyanide\Loki\Loki.exe:*:Enabled:Loki"
    "C:\Program Files\Cyanide\Loki\Autorun\AutoRun.exe"="C:\Program Files\Cyanide\Loki\Autorun\AutoRun.exe:*:Enabled:Loki - AutoRun"
    "C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\metin2.bin"="C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\metin2.bin:*:Enabled:metin2"
    "C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\Metin 2.exe"="C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\Metin 2.exe:*:Enabled:Metin 2"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\SecondLife\SLVoice.exe"="C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Documents and Settings\Patrick\Bureau\metin2\metin2.bin"="C:\Documents and Settings\Patrick\Bureau\metin2\metin2.bin:*:Enabled:metin2"
    "C:\Documents and Settings\Patrick\Mes documents\Antony\metin2\metin2.bin"="C:\Documents and Settings\Patrick\Mes documents\Antony\metin2\metin2.bin:*:Enabled:metin2"
    "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
    "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
    "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
    "C:\Documents and Settings\Patrick\Bureau\RSIT.exe"="C:\Documents and Settings\Patrick\Bureau\RSIT.exe:*:Enabled:RSIT"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c5220a6-4704-11de-a771-00142a2e558e}]
    shell\Auto\command - I:\launcher.exe
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL launcher.exe


    ======List of files/folders created in the last 1 months======

    2009-07-25 05:27:31 ----D---- C:\Documents and Settings\Patrick\Application Data\QUAD Backups
    2009-07-25 05:05:56 ----D---- C:\Program Files\trend micro
    2009-07-25 05:05:55 ----D---- C:\rsit
    2009-07-25 03:19:41 ----A---- C:\WINDOWS\system32\winupdate.exe
    2009-07-19 00:58:46 ----D---- C:\Documents and Settings\Patrick\Application Data\PacificPoker
    2009-07-19 00:58:34 ----D---- C:\Program Files\PacificPoker
    2009-07-15 03:03:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
    2009-07-15 03:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
    2009-07-15 03:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$

    ======List of files/folders modified in the last 1 months======

    2009-07-25 05:41:28 ----D---- C:\WINDOWS\Temp
    2009-07-25 05:29:59 ----D---- C:\Documents and Settings\Patrick\Application Data\EoRezo
    2009-07-25 05:27:26 ----D---- C:\WINDOWS\Prefetch
    2009-07-25 05:26:58 ----D---- C:\WINDOWS
    2009-07-25 05:26:46 ----D---- C:\Program Files\QUAD Utilities
    2009-07-25 05:05:56 ----RD---- C:\Program Files
    2009-07-25 04:32:34 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-07-25 04:29:03 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-07-25 03:40:54 ----D---- C:\Documents and Settings\Patrick\Application Data\Burn Hope Live
    2009-07-25 03:30:42 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-07-25 03:30:34 ----SD---- C:\WINDOWS\Tasks
    2009-07-25 03:30:25 ----D---- C:\Program Files\Steam
    2009-07-25 03:27:45 ----D---- C:\Program Files\EoRezo
    2009-07-25 03:20:55 ----D---- C:\WINDOWS\system32
    2009-07-25 03:20:03 ----D---- C:\Documents and Settings\Patrick\Application Data\LimeWire
    2009-07-24 06:07:40 ----D---- C:\Program Files\LimeWire
    2009-07-20 02:24:09 ----A---- C:\WINDOWS\win.ini
    2009-07-18 03:00:10 ----SHD---- C:\WINDOWS\Installer
    2009-07-18 03:00:09 ----HD---- C:\Config.Msi
    2009-07-18 03:00:06 ----D---- C:\Program Files\Google
    2009-07-15 03:03:39 ----HD---- C:\WINDOWS\inf
    2009-07-15 03:03:36 ----HD---- C:\WINDOWS\$hf_mig$
    2009-07-15 03:03:34 ----A---- C:\WINDOWS\imsins.BAK
    2009-07-15 03:03:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-07-05 14:51:22 ----RD---- C:\WINDOWS\Web
    2009-07-05 14:51:20 ----D---- C:\WINDOWS\SHELLNEW
    2009-07-05 14:51:17 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2009-07-04 19:45:41 ----D---- C:\WINDOWS\network diagnostic
    2009-06-30 15:22:48 ----D---- C:\WINDOWS\system32\Macromed
    2009-06-30 10:12:35 ----SD---- C:\WINDOWS\Downloaded Program Files

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
    R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
    R2 usbhub;DSC Composite USB Device; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-01-24 4127488]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
    R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
    R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    R3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-03-07 10260864]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S2 Ca533av;Icatch(IV) Video Camera Device; C:\WINDOWS\System32\Drivers\Ca533av.sys [2002-10-21 515803]
    S2 LANPkt;Realtek LANPkt Protocol; C:\WINDOWS\system32\DRIVERS\LANPkt.sys [2006-11-28 8440]
    S3 Bridge;Pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 Diag69xp;Diag69xp; C:\WINDOWS\System32\Drivers\Diag69xp.sys [2006-11-28 11237]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 USBCamera;Icatch(IV) Still Camera Device; C:\WINDOWS\System32\Drivers\Bulk533.sys [2002-07-25 10986]
    S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
    S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
    S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-20 152984]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
    R3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
    S2 gupdate1c9a5c6888afccc;Google Update Service (gupdate1c9a5c6888afccc); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-16 133104]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-25 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-05-30 576680]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-14 779824]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    a c 296 8 Sécurité
    25 Juillet 2009 05:52:45

    Tu as installé :
  • WebMediaPlayer qui est un programme piégé qui t'a installé l'infection Navipromo.
  • le programme EoRezo qui est une infection.
  • le programme QUAD Registry Cleaner qui affiche un nombre d'erreur conséquent pour t'inciter à acheter le logiciel. Si tu achètes le logiciel par carte bleue, tu seras débité d'environ 70€ au lieu de 30€, une grosse arnaque donc.
  • le sponsor de Messenger Plus! Live qui installe l'infection Lop/Swizzor.

    Bref, c'est la fête.

  • Télécharge Navilog1 (de IL-MAFIOSO) sur ton Bureau.
  • Double-clique sur Navilog1.exe afin de lancer l'installation.
  • Puis double-clique sur Navilog1 présent sur le Bureau.
    (Sous Vista, clique droit sur le raccourci de Navilog1 et choisis Exécuter en tant qu'administrateur)
  • Appuie sur F ou f puis valide par Entrée.
  • Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options.
  • Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix.
  • Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
  • Patiente jusqu'au message : *** Scan terminé le ..... ***
  • Le scan fini, le Bloc-notes contenant le rapport sera affiché, poste le contenu de ce rapport dans ta prochaine réponse.
  • Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\cleannavi.txt
    a c 296 8 Sécurité
    25 Juillet 2009 06:12:15

    Je vais dormir ;) 
    25 Juillet 2009 06:26:37

    Re, une fois le scan fini mon PC c'est éteint puis a redemarré, et à l'ouverture de la session un téléchargement m'a été proposé... je l'ai refusé par peur d'empirer ou d'agravement fatalement la situation, j'espère que ce n'était pas un logiciel bienveillant qui m'aurait aidé que j'ai annulé là... Voici le rapport :


    Fix Navipromo version 4.0.1 commencé le 25/07/2009 6:01:37,31

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 18.07.2009 à 11h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : Patrick ( Administrator )
    BOOT : Normal boot

    Antivirus : avast! antivirus 4.8.1335 [VPS 090724-0] 4.8.1335 (Activated)


    C:\ (Local Disk) - NTFS - Total:176 Go (Free:117 Go)
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)


    Recherche executée en mode normal

    Nettoyage exécuté au redémarrage de l'ordinateur


    C:\Program Files\WebMediaPlayer supprimé !
    C:\Documents and Settings\All Users\menudm~1\progra~1\WebMediaPlayer supprimé !
    C:\WINDOWS\prefetch\GA511.EXE-229F80B1.pf supprimé !
    C:\WINDOWS\prefetch\cgeckii*.pf supprimé !
    C:\Documents and Settings\Patrick\locals~1\applic~1\cgeckii.exe supprimé !
    C:\Documents and Settings\Patrick\locals~1\applic~1\cgeckii.dat supprimé !
    C:\Documents and Settings\Patrick\locals~1\applic~1\cgeckii_nav.dat supprimé !
    C:\Documents and Settings\Patrick\locals~1\applic~1\cgeckii_navps.dat supprimé !


    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\Patrick\locals~1\Temp effectué !


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok





    *** Scan terminé 25/07/2009 6:19:05,50 ***

    25 Juillet 2009 09:41:05

    Je t'attendrais, sans peine pour moi je ne dors pas, et j'en profite maintenant vu que le temps ne compte plus comme je dois patienter en attendant ton retour, pour m'excuser de ma précipitation et de mon manque de politesse et de courtoisie (que je n'apprécie pas moi-même)... J'espère que tu n'as pas eu de préjuger ou que tu as sous estimé mon savoir-vivre, mais j'étais vraiment paniqué et désemparé... A tout à l'heure merci et encore merci pour prendre de ton temps et de le dévouer pour m'aider !
    a c 296 8 Sécurité
    25 Juillet 2009 13:47:24

    Infection Navipromo supprimée, désinstalle Navilog1.

  • Télécharge Lop S&D sur ton Bureau.
  • Double-clique dessus pour lancer l'installation.
  • Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau.
    (Sous Vista, il faut cliquer sur le raccourci Lop S&D et choisir Exécuter en tant qu'administrateur)
  • Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche) .
  • Patiente jusqu'à la fin du scan.
  • Poste le rapport généré (C:\lopR.txt).
    25 Juillet 2009 14:44:58

    Je n'ai pas trouvé de logiciel ou programme "Navilog1" sur mon PC, j'ai donc téléchargé dirrectement Lop S&D et ceci a marché, le scan est actuellement en cours.
    ------------------
    quelques minutes plus tard
    ------------------

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : Patrick ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 090724-0] 4.8.1335 (Activated)
    C:\ (Local Disk) - NTFS - Total:176 Go (Free:123 Go)
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 25/07/2009|14:43 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [09/10/2008|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [13/06/2008|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B7A015B7-4802-4678-8CEC-700380BA9AFD}
    [21/11/2008|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [09/10/2008|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [09/10/2008|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [18/07/2008|05:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
    [23/11/2008|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
    [20/11/2008|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames
    [17/01/2009|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [14/06/2008|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [25/01/2009|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
    [22/11/2008|13:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
    [14/06/2008|11:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [21/07/2008|16:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [19/02/2009|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [13/06/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [06/03/2009|23:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NokiaMusic
    [05/03/2009|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberongames
    [25/01/2009|14:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
    [30/04/2009|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [25/02/2009|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [11/06/2009|23:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
    [01/03/2009|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [13/06/2008|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [27/12/2008|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [15/03/2009|20:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\wmp
    [28/07/2008|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [12/06/2009|18:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [06/07/2008|19:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [11/07/2008|16:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [17/06/2008|17:53] C:\DOCUME~1\Patrick\APPLIC~1\Adobe
    [14/06/2008|18:08] C:\DOCUME~1\Patrick\APPLIC~1\Ahead
    [19/12/2008|05:51] C:\DOCUME~1\Patrick\APPLIC~1\Apple Computer
    [25/07/2009|03:40] C:\DOCUME~1\Patrick\APPLIC~1\Burn Hope Live
    [22/05/2009|21:16] C:\DOCUME~1\Patrick\APPLIC~1\D-Jix Media
    [25/07/2009|13:45] C:\DOCUME~1\Patrick\APPLIC~1\EoRezo
    [20/11/2008|15:01] C:\DOCUME~1\Patrick\APPLIC~1\Google
    [19/01/2009|19:22] C:\DOCUME~1\Patrick\APPLIC~1\Help
    [17/06/2008|16:57] C:\DOCUME~1\Patrick\APPLIC~1\HP
    [30/04/2009|18:31] C:\DOCUME~1\Patrick\APPLIC~1\Identities
    [29/10/2008|19:17] C:\DOCUME~1\Patrick\APPLIC~1\Image Zone Express
    [13/06/2008|17:01] C:\DOCUME~1\Patrick\APPLIC~1\InstallShield
    [25/07/2009|03:20] C:\DOCUME~1\Patrick\APPLIC~1\LimeWire
    [17/06/2008|17:53] C:\DOCUME~1\Patrick\APPLIC~1\Macromedia
    [12/06/2009|06:56] C:\DOCUME~1\Patrick\APPLIC~1\Microsoft
    [31/07/2008|18:52] C:\DOCUME~1\Patrick\APPLIC~1\Mindscape
    [14/09/2008|11:35] C:\DOCUME~1\Patrick\APPLIC~1\Mozilla
    [06/03/2009|23:26] C:\DOCUME~1\Patrick\APPLIC~1\Nokia
    [23/03/2009|16:19] C:\DOCUME~1\Patrick\APPLIC~1\Nokia Multimedia Player
    [19/07/2009|00:59] C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker
    [06/03/2009|23:54] C:\DOCUME~1\Patrick\APPLIC~1\PC Suite
    [30/04/2009|18:31] C:\DOCUME~1\Patrick\APPLIC~1\PlayFirst
    [25/07/2009|05:27] C:\DOCUME~1\Patrick\APPLIC~1\QUAD Backups
    [25/09/2008|11:38] C:\DOCUME~1\Patrick\APPLIC~1\SecondLife
    [18/06/2009|11:48] C:\DOCUME~1\Patrick\APPLIC~1\Skype
    [17/06/2009|16:09] C:\DOCUME~1\Patrick\APPLIC~1\skypePM
    [14/10/2008|16:03] C:\DOCUME~1\Patrick\APPLIC~1\Sun
    [29/04/2009|01:25] C:\DOCUME~1\Patrick\APPLIC~1\uTorrent
    [05/04/2009|22:05] C:\DOCUME~1\Patrick\APPLIC~1\Windows Live Writer
    [30/04/2009|18:31] C:\DOCUME~1\Patrick\APPLIC~1\Zylom

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [25/07/2009 14:29][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-412668190-725345543-1004UA.job
    [25/07/2009 07:29][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-412668190-725345543-1004Core.job
    [25/07/2009 13:59][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [25/07/2009 11:35][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [20/07/2009 07:54][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [25/07/2009 11:36][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
    [25/07/2009 11:33][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [21/11/2008|18:35] C:\Program Files\Adobe
    [13/06/2008|17:57] C:\Program Files\Alwil Software
    [13/06/2008|17:01] C:\Program Files\AMD
    [09/10/2008|18:28] C:\Program Files\Apple Software Update
    [21/05/2009|02:56] C:\Program Files\Ares
    [22/11/2008|13:03] C:\Program Files\bfgclient
    [15/11/2008|14:30] C:\Program Files\Bonjour
    [21/06/2008|21:59] C:\Program Files\Burn Hope Live
    [18/07/2008|21:06] C:\Program Files\Circle Developement
    [26/10/2008|11:35] C:\Program Files\Coktel
    [13/06/2008|13:08] C:\Program Files\ComPlus Applications
    [22/05/2009|21:11] C:\Program Files\Consumer Update Firmware
    [23/06/2008|14:57] C:\Program Files\Cyanide
    [25/01/2009|14:35] C:\Program Files\DIFX
    [22/05/2009|21:13] C:\Program Files\D-Jix
    [26/05/2009|17:20] C:\Program Files\Dofus
    [29/04/2009|01:00] C:\Program Files\eMule
    [13/03/2009|21:52] C:\Program Files\Enlight
    [25/07/2009|11:35] C:\Program Files\EoRezo
    [11/06/2009|23:55] C:\Program Files\Fichiers communs
    [23/07/2008|15:17] C:\Program Files\Gadwin Systems
    [18/07/2009|03:00] C:\Program Files\Google
    [14/06/2008|11:49] C:\Program Files\Hewlett-Packard
    [14/06/2008|11:52] C:\Program Files\HP
    [06/07/2008|17:28] C:\Program Files\id Software
    [13/03/2009|21:57] C:\Program Files\InstallShield Installation Information
    [12/06/2009|06:53] C:\Program Files\Internet Explorer
    [09/10/2008|18:30] C:\Program Files\iPod
    [09/10/2008|18:31] C:\Program Files\iTunes
    [20/01/2009|19:35] C:\Program Files\Java
    [24/07/2009|06:07] C:\Program Files\LimeWire
    [13/06/2008|15:48] C:\Program Files\ma-config.com
    [29/06/2008|10:38] C:\Program Files\McDonaldsFairies
    [15/08/2008|03:02] C:\Program Files\Messenger
    [03/10/2008|22:36] C:\Program Files\Messenger Plus! Live
    [22/06/2008|14:51] C:\Program Files\metin2
    [17/12/2008|15:36] C:\Program Files\Microsoft
    [15/06/2008|03:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [13/06/2008|13:11] C:\Program Files\microsoft frontpage
    [13/06/2008|18:07] C:\Program Files\Microsoft Office
    [27/02/2009|09:27] C:\Program Files\Microsoft Silverlight
    [10/07/2008|19:03] C:\Program Files\Microsoft SQL Server Compact Edition
    [17/12/2008|15:34] C:\Program Files\Microsoft Sync Framework
    [13/06/2008|18:07] C:\Program Files\Microsoft Visual Studio
    [22/12/2008|11:25] C:\Program Files\Microsoft Works
    [12/12/2008|08:13] C:\Program Files\Microsoft.NET
    [31/07/2008|18:52] C:\Program Files\Mindscape
    [13/06/2008|18:26] C:\Program Files\Movie Maker
    [17/11/2008|20:30] C:\Program Files\Mozilla Firefox
    [06/03/2009|23:13] C:\Program Files\MSBuild
    [13/06/2008|13:06] C:\Program Files\MSN
    [13/06/2008|13:07] C:\Program Files\MSN Gaming Zone
    [25/06/2008|12:04] C:\Program Files\MSXML 4.0
    [25/07/2009|06:19] C:\Program Files\Navilog1
    [13/06/2008|18:04] C:\Program Files\Nero
    [13/06/2008|17:44] C:\Program Files\NETGEAR GA511 Adapter
    [13/06/2008|18:25] C:\Program Files\NetMeeting
    [06/03/2009|23:21] C:\Program Files\Nokia
    [13/06/2008|13:07] C:\Program Files\Online Services
    [25/04/2009|10:26] C:\Program Files\OpenAL
    [13/06/2008|18:47] C:\Program Files\Outlook Express
    [19/07/2009|00:59] C:\Program Files\PacificPoker
    [31/07/2008|11:13] C:\Program Files\PhotoFiltre Studio
    [25/07/2009|05:26] C:\Program Files\QUAD Utilities
    [09/10/2008|18:30] C:\Program Files\QuickTime
    [13/06/2008|17:45] C:\Program Files\Realtek AC97
    [06/03/2009|23:13] C:\Program Files\Reference Assemblies
    [31/07/2008|10:59] C:\Program Files\Seagrand
    [13/06/2008|13:09] C:\Program Files\Services en ligne
    [29/03/2009|15:14] C:\Program Files\Sierra On-Line
    [25/02/2009|19:55] C:\Program Files\Skype
    [25/07/2009|11:37] C:\Program Files\Steam
    [09/10/2008|18:40] C:\Program Files\Sun
    [25/07/2009|05:41] C:\Program Files\trend micro
    [13/06/2008|15:43] C:\Program Files\Uninstall Information
    [27/10/2008|12:23] C:\Program Files\uTorrent
    [06/07/2008|13:26] C:\Program Files\Valve
    [14/06/2008|11:26] C:\Program Files\VIA Technologies, INC
    [25/04/2009|10:26] C:\Program Files\Warzone 2100
    [13/06/2008|21:25] C:\Program Files\Windows Defender
    [19/02/2009|12:13] C:\Program Files\Windows Live
    [10/07/2008|19:01] C:\Program Files\Windows Live Favorites
    [17/12/2008|15:31] C:\Program Files\Windows Live SkyDrive
    [27/12/2008|18:53] C:\Program Files\Windows Live Toolbar
    [03/11/2008|16:22] C:\Program Files\Windows Media Connect 2
    [03/11/2008|16:23] C:\Program Files\Windows Media Player
    [13/06/2008|18:25] C:\Program Files\Windows NT
    [13/06/2008|13:09] C:\Program Files\WindowsUpdate
    [13/06/2008|18:06] C:\Program Files\WinRAR
    [13/06/2008|13:11] C:\Program Files\xerox
    [30/04/2009|18:30] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [21/11/2008|18:36] C:\Program Files\Fichiers communs\Adobe
    [13/06/2008|18:05] C:\Program Files\Fichiers communs\Ahead
    [09/10/2008|18:29] C:\Program Files\Fichiers communs\Apple
    [05/07/2008|19:31] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [13/06/2008|18:07] C:\Program Files\Fichiers communs\DESIGNER
    [14/06/2008|11:48] C:\Program Files\Fichiers communs\Hewlett-Packard
    [11/06/2009|23:54] C:\Program Files\Fichiers communs\HP
    [14/06/2008|11:51] C:\Program Files\Fichiers communs\InstallShield
    [09/10/2008|18:37] C:\Program Files\Fichiers communs\Java
    [06/03/2009|23:20] C:\Program Files\Fichiers communs\Microsoft Shared
    [13/06/2008|13:08] C:\Program Files\Fichiers communs\MSSoap
    [06/03/2009|23:21] C:\Program Files\Fichiers communs\Nokia
    [13/06/2008|14:14] C:\Program Files\Fichiers communs\ODBC
    [25/01/2009|14:36] C:\Program Files\Fichiers communs\PCSuite
    [13/06/2008|13:09] C:\Program Files\Fichiers communs\Services
    [25/02/2009|19:55] C:\Program Files\Fichiers communs\Skype
    [14/06/2008|12:37] C:\Program Files\Fichiers communs\snp325
    [11/06/2009|23:55] C:\Program Files\Fichiers communs\Sonic Shared
    [13/06/2008|14:14] C:\Program Files\Fichiers communs\SpeechEngines
    [13/06/2008|18:47] C:\Program Files\Fichiers communs\System
    [17/12/2008|15:12] C:\Program Files\Fichiers communs\Windows Live
    [13/06/2008|19:01] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 70 Processes )

    iexplore.exe ~ [PID:1060]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
    C:\Program Files\Circle Developement
    C:\DOCUME~1\Patrick\Cookies\patrick@d2.advertserve[1].txt
    C:\DOCUME~1\Patrick\Cookies\patrick@advertising[2].txt
    C:\DOCUME~1\Patrick\Cookies\patrick@2xmoinscher[1].txt
    C:\DOCUME~1\Patrick\Cookies\patrick@cc.2xmoinscher[2].txt

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-07-25 14:44:31
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:559][D:13]-> C:\DOCUME~1\Patrick\LOCALS~1\Temp
    [F:246][D:0]-> C:\DOCUME~1\Patrick\Cookies
    [F:13233][D:72]-> C:\DOCUME~1\Patrick\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 25/07/2009|14:46 - Option : [1]

    --------------------\\ Fin du rapport a 14:46:56
    a c 296 8 Sécurité
    25 Juillet 2009 14:48:08

    Pour Navilog1, Panneau de configuration > Ajout/Suppression des programmes.
    25 Juillet 2009 14:50:09

    Destrio5 a dit :
    Pour Navilog1, Panneau de configuration > Ajout/Suppression des programmes.


    C'est ce que j'ai fait, et je n'ai rien trouvé de ce nom...
    a c 296 8 Sécurité
    25 Juillet 2009 14:51:55

    Ok.
    25 Juillet 2009 15:04:43

    J'attends vos instruction et les démarches à suivre Chef ! =)
    a c 296 8 Sécurité
    25 Juillet 2009 15:10:42

    Je n'avais pas vu que tu avais édité ton message.

  • Relance Lop S&D.
    (Sous Vista, il faut cliquer sur le raccourci Lop S&D et choisir Exécuter en tant qu'administrateur)
  • Choisis cette fois-ci l'option 2 (Suppression).
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré (C:\lopR.txt).

    (Si le Bureau ne réapparaît pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
    25 Juillet 2009 15:13:57

    Destrio5 a dit :

  • Choisis cette fois-ci l'option 2 (Suppression).


  • 2_ Suppression + Hosts

    ou

    3_ Suppression - Hosts
    a c 296 8 Sécurité
    25 Juillet 2009 15:16:29

    Suppression + Hosts
    25 Juillet 2009 15:20:28

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3200+ )
    BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
    USER : Patrick ( Administrator )
    BOOT : Normal boot
    Antivirus : avast! antivirus 4.8.1335 [VPS 090724-0] 4.8.1335 (Activated)
    C:\ (Local Disk) - NTFS - Total:176 Go (Free:123 Go)
    D:\ (CD or DVD)
    E:\ (USB)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 25/07/2009|15:14 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\DOCUME~1\Patrick\Cookies\patrick@d2.advertserve[1].txt
    Supprime! - C:\DOCUME~1\Patrick\Cookies\patrick@2xmoinscher[1].txt
    Supprime! - C:\DOCUME~1\Patrick\Cookies\patrick@cc.2xmoinscher[2].txt
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
    Supprime! - C:\Program Files\Circle Developement

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans APPLIC~1

    [09/10/2008|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [13/06/2008|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B7A015B7-4802-4678-8CEC-700380BA9AFD}
    [21/11/2008|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [09/10/2008|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [09/10/2008|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [23/11/2008|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
    [20/11/2008|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FreshGames
    [17/01/2009|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [14/06/2008|11:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [25/01/2009|14:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
    [22/11/2008|13:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
    [14/06/2008|11:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
    [21/07/2008|16:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [19/02/2009|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [13/06/2008|18:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [06/03/2009|23:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NokiaMusic
    [05/03/2009|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberongames
    [25/01/2009|14:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
    [30/04/2009|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
    [25/02/2009|19:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [11/06/2009|23:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
    [01/03/2009|19:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [13/06/2008|18:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [27/12/2008|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [15/03/2009|20:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\wmp
    [28/07/2008|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [12/06/2009|18:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [06/07/2008|19:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [11/07/2008|16:48] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [17/06/2008|17:53] C:\DOCUME~1\Patrick\APPLIC~1\Adobe
    [14/06/2008|18:08] C:\DOCUME~1\Patrick\APPLIC~1\Ahead
    [19/12/2008|05:51] C:\DOCUME~1\Patrick\APPLIC~1\Apple Computer
    [25/07/2009|03:40] C:\DOCUME~1\Patrick\APPLIC~1\Burn Hope Live
    [22/05/2009|21:16] C:\DOCUME~1\Patrick\APPLIC~1\D-Jix Media
    [25/07/2009|13:45] C:\DOCUME~1\Patrick\APPLIC~1\EoRezo
    [20/11/2008|15:01] C:\DOCUME~1\Patrick\APPLIC~1\Google
    [19/01/2009|19:22] C:\DOCUME~1\Patrick\APPLIC~1\Help
    [17/06/2008|16:57] C:\DOCUME~1\Patrick\APPLIC~1\HP
    [30/04/2009|18:31] C:\DOCUME~1\Patrick\APPLIC~1\Identities
    [29/10/2008|19:17] C:\DOCUME~1\Patrick\APPLIC~1\Image Zone Express
    [13/06/2008|17:01] C:\DOCUME~1\Patrick\APPLIC~1\InstallShield
    [25/07/2009|03:20] C:\DOCUME~1\Patrick\APPLIC~1\LimeWire
    [17/06/2008|17:53] C:\DOCUME~1\Patrick\APPLIC~1\Macromedia
    [12/06/2009|06:56] C:\DOCUME~1\Patrick\APPLIC~1\Microsoft
    [31/07/2008|18:52] C:\DOCUME~1\Patrick\APPLIC~1\Mindscape
    [14/09/2008|11:35] C:\DOCUME~1\Patrick\APPLIC~1\Mozilla
    [06/03/2009|23:26] C:\DOCUME~1\Patrick\APPLIC~1\Nokia
    [23/03/2009|16:19] C:\DOCUME~1\Patrick\APPLIC~1\Nokia Multimedia Player
    [19/07/2009|00:59] C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker
    [06/03/2009|23:54] C:\DOCUME~1\Patrick\APPLIC~1\PC Suite
    [30/04/2009|18:31] C:\DOCUME~1\Patrick\APPLIC~1\PlayFirst
    [25/07/2009|05:27] C:\DOCUME~1\Patrick\APPLIC~1\QUAD Backups
    [25/09/2008|11:38] C:\DOCUME~1\Patrick\APPLIC~1\SecondLife
    [18/06/2009|11:48] C:\DOCUME~1\Patrick\APPLIC~1\Skype
    [17/06/2009|16:09] C:\DOCUME~1\Patrick\APPLIC~1\skypePM
    [14/10/2008|16:03] C:\DOCUME~1\Patrick\APPLIC~1\Sun
    [29/04/2009|01:25] C:\DOCUME~1\Patrick\APPLIC~1\uTorrent
    [05/04/2009|22:05] C:\DOCUME~1\Patrick\APPLIC~1\Windows Live Writer
    [30/04/2009|18:31] C:\DOCUME~1\Patrick\APPLIC~1\Zylom

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [25/07/2009 14:29][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-412668190-725345543-1004UA.job
    [25/07/2009 07:29][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-412668190-725345543-1004Core.job
    [25/07/2009 14:59][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [25/07/2009 11:35][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [20/07/2009 07:54][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [25/07/2009 11:36][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
    [25/07/2009 11:33][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [02/03/2006 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [21/11/2008|18:35] C:\Program Files\Adobe
    [13/06/2008|17:57] C:\Program Files\Alwil Software
    [13/06/2008|17:01] C:\Program Files\AMD
    [09/10/2008|18:28] C:\Program Files\Apple Software Update
    [21/05/2009|02:56] C:\Program Files\Ares
    [22/11/2008|13:03] C:\Program Files\bfgclient
    [15/11/2008|14:30] C:\Program Files\Bonjour
    [21/06/2008|21:59] C:\Program Files\Burn Hope Live
    [26/10/2008|11:35] C:\Program Files\Coktel
    [13/06/2008|13:08] C:\Program Files\ComPlus Applications
    [22/05/2009|21:11] C:\Program Files\Consumer Update Firmware
    [23/06/2008|14:57] C:\Program Files\Cyanide
    [25/01/2009|14:35] C:\Program Files\DIFX
    [22/05/2009|21:13] C:\Program Files\D-Jix
    [26/05/2009|17:20] C:\Program Files\Dofus
    [29/04/2009|01:00] C:\Program Files\eMule
    [13/03/2009|21:52] C:\Program Files\Enlight
    [25/07/2009|11:35] C:\Program Files\EoRezo
    [11/06/2009|23:55] C:\Program Files\Fichiers communs
    [23/07/2008|15:17] C:\Program Files\Gadwin Systems
    [18/07/2009|03:00] C:\Program Files\Google
    [14/06/2008|11:49] C:\Program Files\Hewlett-Packard
    [14/06/2008|11:52] C:\Program Files\HP
    [06/07/2008|17:28] C:\Program Files\id Software
    [13/03/2009|21:57] C:\Program Files\InstallShield Installation Information
    [12/06/2009|06:53] C:\Program Files\Internet Explorer
    [09/10/2008|18:30] C:\Program Files\iPod
    [09/10/2008|18:31] C:\Program Files\iTunes
    [20/01/2009|19:35] C:\Program Files\Java
    [24/07/2009|06:07] C:\Program Files\LimeWire
    [13/06/2008|15:48] C:\Program Files\ma-config.com
    [29/06/2008|10:38] C:\Program Files\McDonaldsFairies
    [15/08/2008|03:02] C:\Program Files\Messenger
    [03/10/2008|22:36] C:\Program Files\Messenger Plus! Live
    [22/06/2008|14:51] C:\Program Files\metin2
    [17/12/2008|15:36] C:\Program Files\Microsoft
    [15/06/2008|03:00] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [13/06/2008|13:11] C:\Program Files\microsoft frontpage
    [13/06/2008|18:07] C:\Program Files\Microsoft Office
    [27/02/2009|09:27] C:\Program Files\Microsoft Silverlight
    [10/07/2008|19:03] C:\Program Files\Microsoft SQL Server Compact Edition
    [17/12/2008|15:34] C:\Program Files\Microsoft Sync Framework
    [13/06/2008|18:07] C:\Program Files\Microsoft Visual Studio
    [22/12/2008|11:25] C:\Program Files\Microsoft Works
    [12/12/2008|08:13] C:\Program Files\Microsoft.NET
    [31/07/2008|18:52] C:\Program Files\Mindscape
    [13/06/2008|18:26] C:\Program Files\Movie Maker
    [17/11/2008|20:30] C:\Program Files\Mozilla Firefox
    [06/03/2009|23:13] C:\Program Files\MSBuild
    [13/06/2008|13:06] C:\Program Files\MSN
    [13/06/2008|13:07] C:\Program Files\MSN Gaming Zone
    [25/06/2008|12:04] C:\Program Files\MSXML 4.0
    [25/07/2009|06:19] C:\Program Files\Navilog1
    [13/06/2008|18:04] C:\Program Files\Nero
    [13/06/2008|17:44] C:\Program Files\NETGEAR GA511 Adapter
    [13/06/2008|18:25] C:\Program Files\NetMeeting
    [06/03/2009|23:21] C:\Program Files\Nokia
    [13/06/2008|13:07] C:\Program Files\Online Services
    [25/04/2009|10:26] C:\Program Files\OpenAL
    [13/06/2008|18:47] C:\Program Files\Outlook Express
    [19/07/2009|00:59] C:\Program Files\PacificPoker
    [31/07/2008|11:13] C:\Program Files\PhotoFiltre Studio
    [25/07/2009|05:26] C:\Program Files\QUAD Utilities
    [09/10/2008|18:30] C:\Program Files\QuickTime
    [13/06/2008|17:45] C:\Program Files\Realtek AC97
    [06/03/2009|23:13] C:\Program Files\Reference Assemblies
    [31/07/2008|10:59] C:\Program Files\Seagrand
    [13/06/2008|13:09] C:\Program Files\Services en ligne
    [29/03/2009|15:14] C:\Program Files\Sierra On-Line
    [25/02/2009|19:55] C:\Program Files\Skype
    [25/07/2009|11:37] C:\Program Files\Steam
    [09/10/2008|18:40] C:\Program Files\Sun
    [25/07/2009|05:41] C:\Program Files\trend micro
    [13/06/2008|15:43] C:\Program Files\Uninstall Information
    [27/10/2008|12:23] C:\Program Files\uTorrent
    [06/07/2008|13:26] C:\Program Files\Valve
    [14/06/2008|11:26] C:\Program Files\VIA Technologies, INC
    [25/04/2009|10:26] C:\Program Files\Warzone 2100
    [13/06/2008|21:25] C:\Program Files\Windows Defender
    [19/02/2009|12:13] C:\Program Files\Windows Live
    [10/07/2008|19:01] C:\Program Files\Windows Live Favorites
    [17/12/2008|15:31] C:\Program Files\Windows Live SkyDrive
    [27/12/2008|18:53] C:\Program Files\Windows Live Toolbar
    [03/11/2008|16:22] C:\Program Files\Windows Media Connect 2
    [03/11/2008|16:23] C:\Program Files\Windows Media Player
    [13/06/2008|18:25] C:\Program Files\Windows NT
    [13/06/2008|13:09] C:\Program Files\WindowsUpdate
    [13/06/2008|18:06] C:\Program Files\WinRAR
    [13/06/2008|13:11] C:\Program Files\xerox
    [30/04/2009|18:30] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [21/11/2008|18:36] C:\Program Files\Fichiers communs\Adobe
    [13/06/2008|18:05] C:\Program Files\Fichiers communs\Ahead
    [09/10/2008|18:29] C:\Program Files\Fichiers communs\Apple
    [05/07/2008|19:31] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [13/06/2008|18:07] C:\Program Files\Fichiers communs\DESIGNER
    [14/06/2008|11:48] C:\Program Files\Fichiers communs\Hewlett-Packard
    [11/06/2009|23:54] C:\Program Files\Fichiers communs\HP
    [14/06/2008|11:51] C:\Program Files\Fichiers communs\InstallShield
    [09/10/2008|18:37] C:\Program Files\Fichiers communs\Java
    [06/03/2009|23:20] C:\Program Files\Fichiers communs\Microsoft Shared
    [13/06/2008|13:08] C:\Program Files\Fichiers communs\MSSoap
    [06/03/2009|23:21] C:\Program Files\Fichiers communs\Nokia
    [13/06/2008|14:14] C:\Program Files\Fichiers communs\ODBC
    [25/01/2009|14:36] C:\Program Files\Fichiers communs\PCSuite
    [13/06/2008|13:09] C:\Program Files\Fichiers communs\Services
    [25/02/2009|19:55] C:\Program Files\Fichiers communs\Skype
    [14/06/2008|12:37] C:\Program Files\Fichiers communs\snp325
    [11/06/2009|23:55] C:\Program Files\Fichiers communs\Sonic Shared
    [13/06/2008|14:14] C:\Program Files\Fichiers communs\SpeechEngines
    [13/06/2008|18:47] C:\Program Files\Fichiers communs\System
    [17/12/2008|15:12] C:\Program Files\Fichiers communs\Windows Live
    [13/06/2008|19:01] C:\Program Files\Fichiers communs\WindowsLiveInstaller

    --------------------\\ Process

    ( 68 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\Patrick\Cookies\patrick@advertising[1].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-07-25 15:15:38
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 1

    --------------------\\ Recherche d'autres infections


    Aucune autre infection trouvée !

    [F:560][D:14]-> C:\DOCUME~1\Patrick\LOCALS~1\Temp
    [F:243][D:0]-> C:\DOCUME~1\Patrick\Cookies
    [F:13392][D:72]-> C:\DOCUME~1\Patrick\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 25/07/2009|14:46 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 25/07/2009|15:17 - Option : [2]

    --------------------\\ Fin du rapport a 15:17:20


    Je n'est pas fermé la page une fois la recherche fini, il y a juste marqué Fin du rapport a 15:17:20 _ (le "_" clignote), puis-je la fermer maintenant ?)
    a c 296 8 Sécurité
    25 Juillet 2009 15:26:44

    Oui.

  • Désinstalle eoEngine.

  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi et ferme toutes applications en cours /!\

  • Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
  • Double-clique sur le raccourci d'Ad-Remover situé sur ton Bureau pour le lancer.
    (Sous Vista, il faut cliquer droit sur le raccourci d'Ad-Remover et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option S.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-SCAN.log).

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

    Note : "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
    25 Juillet 2009 15:57:31

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
    .
    Mit à jour par C_XX le 24/06/2009 à 7:10 PM
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 15:31:51, 25/07/2009 | Mode Normal | Option: SCAN
    Exécuté de: C:\Program Files\Ad-remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: CHOUAIB-BE00B00 | Utilisateur actuel: Patrick
    .
    Administrateur: Administrateur
    N'est pas administrateur: ASPNET
    N'est pas administrateur: HelpAssistant *Desactive*
    N'est pas administrateur: Invité *Desactive*
    Administrateur: Patrick
    N'est pas administrateur: SUPPORT_388945a0 *Desactive*
    .
    ============== ÉLÉMENT(S) TROUVÉ(S) ==============
    .
    .
    HKCR\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
    HKCR\AppID\EoRezoBHO.DLL
    HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKCR\EoRezoBHO.EoBho
    HKCR\EoRezoBHO.EoBho.1
    HKCR\Typelib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
    HKCU\Software\EoRezo
    HKCU\Software\pacificpoker
    HKCU\Software\pokerinstaller
    HKLM\Software\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
    HKLM\Software\Classes\AppID\EoRezoBHO.DLL
    HKLM\Software\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKLM\Software\Classes\EoRezoBHO.EoBho
    HKLM\Software\Classes\EoRezoBHO.EoBho.1
    HKLM\Software\Classes\Typelib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
    HKLM\Software\EoRezo
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pacific Poker
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
    HKU\S-1-5-21-343818398-412668190-725345543-1004\Software\Eorezo
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Softwarehelper
    .
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker
    C:\DOCUME~1\Patrick\MESDOC~1\PacificPoker
    C:\Program Files\EoRezo
    C:\Program Files\PacificPoker
    C:\DOCUME~1\Patrick\MENUDM~1\PROGRA~1\Pacific Poker
    C:\Documents and Settings\Patrick\Application Data\Microsoft\Internet Explorer\Quick Launch\Pacific Poker.lnk
    C:\DOCUME~1\Patrick\MENUDM~1\Pacific Poker.lnk
    C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-30C6DE45.pf
    C:\DOCUME~1\Patrick\Cookies\patrick@ads.eorezo[1].txt
    C:\DOCUME~1\Patrick\Cookies\patrick@eorezo[2].txt
    .
    ============== Scan additionnel ==============
    .

    * Mozilla FireFox Version [Impossible d'obtenir la version] *

    Nom du profil: a14fusgo.default (Patrick)
    .
    (Prefs.js) user_pref("browser.search.defaultenginename", "Google");
    (Prefs.js) user_pref("browser.search.selectedEngine", "Live Search");
    (Prefs.js) user_pref("browser.search.selectedEngine", "Live Search");
    (Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
    (Prefs.js) user_pref("browser.startup.homepage", "hxxp://y.lo.st");
    (Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.3");
    (Prefs.js) user_pref("browser.startup.homepage", "hxxp://fr.msn.com/");
    (Prefs.js) user_pref("browser.startup.homepage", "hxxp://fr.msn.com/");
    .
    (prefs.js) TROUVÉ: user_pref("browser.startup.homepage", "hxxp://y.lo.st");
    .

    * Internet Explorer Version 7.0.5730.13 *

    [HKEY_CURRENT_USER\..\Internet Explorer\Main]

    Default_Search_URL: hxxp://www.google.com/ie
    Search bar: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://y.lo.st
    First Home Page: hxxp://y.lo.st

    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search bar: hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

    Tabs: hxxp://lo.st/?tabs

    ============== Suspect (Cracks, Serials ... ) ==============

    .
    C:\Documents and Settings\Patrick\Mes documents\Antony\metin2\PatchUpdater.exe
    C:\Documents and Settings\Patrick\Mes documents\Antony\World of Warcraft 1\WoW-2.3.0.7561-to-2.3.2.7741-frFR-patch.exe
    C:\Documents and Settings\Patrick\Mes documents\Antony\World of Warcraft 1\WoW-2.3.2.7741-to-2.3.3.7799-frFR-patch.exe
    C:\Documents and Settings\Patrick\Mes documents\Antony\World of Warcraft 1\WoW-2.4.0.8089-to-2.4.1.8125-frFR-patch.exe
    C:\Documents and Settings\Patrick\Mes documents\Antony\World of Warcraft 1\WoW-2.4.1.8125-to-2.4.2.8278-frFR-patch.exe
    C:\Documents and Settings\Patrick\Mes documents\Antony\World of Warcraft 1\Patches\WoW-2.3.3-to-2.4.0-frFR-Win-patch\BNUpdate.exe
    .
    ===================================
    .
    5060 Octet(s) - C:\Ad-Report-SCAN.log
    .
    227 Fichier(s) - C:\DOCUME~1\Patrick\LOCALS~1\Temp
    5 Fichier(s) - C:\WINDOWS\Temp
    .
    0 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
    0 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
    .
    Fin à: 15:55:53 | 25/07/2009
    .
    ============== E.O.F ==============
    .
    a c 296 8 Sécurité
    25 Juillet 2009 16:00:50

    Tu peux faire l'option L et poster le rapport log.
    25 Juillet 2009 16:04:33

    C'est bizard "Navilog1" apparaît dans le rapport, et il est belle-et-bien dans mon Disque Local - Progam Files, mais aucune trace dans Panneau de Config. - Ajouts/Suppression de programme...
    a c 296 8 Sécurité
    25 Juillet 2009 16:07:56

    Ce n'est pas grave, ToolsCleaner le virera.
    25 Juillet 2009 16:37:27

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
    .
    Mit à jour par C_XX le 24/06/2009 à 7:10 PM
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 16:05:20, 25/07/2009 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Program Files\Ad-remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: CHOUAIB-BE00B00 | Utilisateur actuel: Patrick
    .
    Administrateur: Administrateur
    N'est pas administrateur: ASPNET
    N'est pas administrateur: HelpAssistant *Desactive*
    N'est pas administrateur: Invité *Desactive*
    Administrateur: Patrick
    N'est pas administrateur: SUPPORT_388945a0 *Desactive*
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .
    .
    HKCR\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
    HKCR\AppID\EoRezoBHO.DLL
    HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKCR\EoRezoBHO.EoBho
    HKCR\EoRezoBHO.EoBho.1
    HKCR\Typelib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
    HKCU\Software\EoRezo
    HKCU\Software\pacificpoker
    HKCU\Software\pokerinstaller
    HKLM\Software\EoRezo
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pacific Poker
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Softwarehelper
    .
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\cmhost.cyp
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\ConfMedia.cyp
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\db
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\eoDesktop
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\eoStats
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\host.cyp
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\user.cyp
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\db\cat.cyp
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\eoDesktop\config.xml
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\eoDesktop\eoDesktop.html
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\eoDesktop\userConfig.xml
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\eoStats\eoStats.txt
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Download
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\help_config.cyp
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\SoftwareUpdate.exe
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\unins000.dat
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\unins000.exe
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\user_config.cyp
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\user_profil.cyp
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\eobrowserpub
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\eoengine
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\eobrowserpub\1.0.0.1
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\eoengine\9.1.0.0
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.2
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.3
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.4
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.5
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.6
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.7
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.8
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.9
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.0
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.1
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.2
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.3
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.3\itstv.exe
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.4\itstv.exe
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.5\itstv.exe
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.6\itstv.exe
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.7\itstv.exe
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.8\itstv.exe
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.0.9\itstv.exe
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.0\itstv.exe
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.1\itstv.exe
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.2\itstv.exe
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo\SoftwareUpdate\Software\itsTV\3.0.1.3\itstv.exe
    C:\DOCUME~1\Patrick\APPLIC~1\EoRezo
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Chat
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Config
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\GameHist
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Help_Support
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Icons
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Localization
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Login
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\media
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\NoFlash
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Poker
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Pokerex
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\PokerLobby
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Settings
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Update
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Utils
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\888logo_up.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\back_lobby_down.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\back_lobby_hover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\back_lobby_up.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\Bankroll.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\bonus_down.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\bonus_hover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\bonus_up.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\CashBgr.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\cashierbg.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\cash_out_down.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\cash_out_hover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\cash_out_up.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\convert_disable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\convert_down.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\convert_hover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\convert_up.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\dep888logo0.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\Depfont0.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\Depfont1.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\depositby.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\deposit_down.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\deposit_hover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\deposit_up.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\lobby_disabled.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\lobby_down.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\lobby_hover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\lobby_up.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\Cash\media\Pnt888logo_up.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Cash
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\FlashGames
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Login
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Logs
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\media
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\roulette
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\SlotsMedia
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Update
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Utils
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\VideoSlot
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\VP
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArenasList.cxm
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\Jackpots
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\arconfgen.cxm
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\Arena_BG.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\Arrow_leftDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\Arrow_leftDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\Arrow_leftHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\Arrow_leftUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\Arrow_rightDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\Arrow_rightDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\Arrow_rightHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\Arrow_rightUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\bArena_BG.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\BJDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\BJDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\BJHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\BJUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\ClassicSlotsDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\ClassicSlotsHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\ClassicSlotsUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\dalang.ini
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\JP_BG.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\JP_Numbers.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\RLDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\RLDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\RLHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\RLUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\VSArenaDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\VSArenaHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\ArCommon\VSArenaUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\ArenaBG.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\BJ_MHpreview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\BJ_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\CrazyBjDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\CrazyBjDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\CrazyBjHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\CrazyBjUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\Crazy_BJ_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\daconfbj.cxm
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\MHDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\MHDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\MHHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\MHUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\welcome_Bj_F.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\bj\welcome_Bj_M.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\CADDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\CADDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\CADHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\CADUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\CAD_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\CardsHiLoDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\CardsHiLoDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\CardsHiLoHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\CardsHiLoUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\CardsHiLo_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\daconfFlashGamesArena.cxm
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\FlashGamesArenaBG.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\FOWDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\FOWDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\FOWHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\FOWUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\FOW_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\HAJDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\HAJDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\HAJHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\HAJUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\HAJ_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\HiLoDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\HiLoDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\HiLoHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\HiLoUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\HiLo_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\JPFKDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\JPFKDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\JPFKHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\JPFKUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\JPFK_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\KenoDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\KenoDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\KenoHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\KenoUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\Keno_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\MTFDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\MTFDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\MTFHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\MTFUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\MTF_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\PotShotDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\PotShotDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\PotShotHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\PotShotUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\PotShot_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\SCBDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\SCBDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\SCBHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\SCBUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\SCB_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\TCEMDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\TCEMDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\TCEMHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\TCEMUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\TCEM_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\welcome_FlashGamesArena_F.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\welcome_FlashGamesArena_M.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\WofFDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\WofFDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\WofFHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\WofFUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\FlashGamesArena\WofF_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\Jackpots\daconfJackpots.cxm
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\Jackpots\JackpotsBkg.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\Jackpots\welcome_Jackpots_F.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\Jackpots\welcome_Jackpots_M.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\AIOrbitDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\AIOrbitDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\AIOrbitHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\AIOrbitUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BejeweledDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BejeweledDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BejeweledHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BejeweledUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BJDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BJDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BjGamesDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BjGamesDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BjGamesHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BjGamesUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BJHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BJMDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BJMDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BJMHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BJMUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BJUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\BJ_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\ClassicSlotsDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\ClassicSlotsDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\ClassicSlotsHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\ClassicSlotsUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\CPLobDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\CPLobDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\CPLobHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\CPLobUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\CrazyBjDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\CrazyBjDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\CrazyBjHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\CrazyBjUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\daconflobby.cxm
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\FGCHLDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\FGCHLDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\FGCHLHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\FGCHLUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\FlashGamesDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\FlashGamesDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\FlashGamesHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\FlashGamesUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\flsRgn.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\JackpotsDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\JackpotsDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\JackpotsHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\JackpotsUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\JP_numbers.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\LiveDealer_disable.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\LiveDealer_down.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\LiveDealer_hover.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\LiveDealer_up.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\LobbyBkg.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\MoneyPlay.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\NewGamesDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\NewGamesDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\NewGamesHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\NewGamesUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\OtherDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\OtherDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\OtherHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\OtherUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\PokerGamesDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\PokerGamesDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\PokerGamesHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\PokerGamesUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\PracticePlay.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\promo.swf
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\PVPDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\PVPDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\PVPHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\PVPUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\RDDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\RDDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\RDHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\RDUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\RouletteDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\RouletteDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\RouletteHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\RouletteUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\Roul_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\Switch2Disable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\Switch2Down.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\Switch2Hover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\Switch2Up.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\SwitchHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\SwitchUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\TableAndCardGamesDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\TableAndCardGamesDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\TableAndCardGamesHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\TableAndCardGamesUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\TCPokerDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\TCPokerDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\TCPokerHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\TCPokerUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VideoPokerDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VideoPokerDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VideoPokerHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VideoPokerUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VideoSlotsDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VideoSlotsDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VideoSlotsHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VideoSlotsUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VIP.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VIPGold.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VIP_diamond.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSBBQDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSBBQDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSBBQHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSBBQup.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSBLLDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSBLLDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSBLLHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSBLLUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSCLDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSCLDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSCLHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSCLUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSGameDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSGameDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSGameHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSGameUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSKaMDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSKaMDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSKaMHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSKaMUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSOCODisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSOCODown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSOCOHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSOCOUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSRGBDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSRGBDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSRGBHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSRGBUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSSCDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSSCDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSSCHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSSCUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSSPADisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSSPADown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSSPAHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSSPAUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSXMDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSXMDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSXMHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\lobby\VSXMUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\10twDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\10twDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\10twHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\10twUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\10TW_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\2tewDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\2tewDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\2tewHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\2tewUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\2TEW_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\2twDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\2twDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\2twHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\2twUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\2TW_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\5twDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\5twDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\5twHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\5twUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\5TW_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\Arrow_leftDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\Arrow_leftDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\Arrow_leftHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\Arrow_leftUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\Arrow_rightDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\Arrow_rightDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\Arrow_rightHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\Arrow_rightUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\daconfslot.cxm
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\doDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\doDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\doHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\doUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\DO_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ggDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ggDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ggHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ggUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\GG_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\koDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\koDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\koHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\koUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\KO_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\mgDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\mgDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\mggDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\mggDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\mggHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\mggUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\MGG_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\mgHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\mgUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\MG_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ogDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ogDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ogHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ogUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\OG_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ptDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ptDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ptHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ptUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\PT_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\saDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\saDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\saHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\saUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\SA_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\SlotArenaBG_Page1.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\SlotArenaBG_Page2.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\st888Disable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\st888Down.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\st888Hover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\st888Up.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ST888_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\t888Disable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\t888Down.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\t888Hover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\t888Up.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\T888_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ttDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ttDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ttHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\ttUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\TT_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\welcome_slots_F.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\welcome_slots_M.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\wsDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\wsDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\wsHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\wsUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\slot\WS_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\BaccaratDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\BaccaratDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\BaccaratHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\BaccaratUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\Baccarat_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\BjGamesDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\BjGamesDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\BjGamesHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\BjGamesUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\CPDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\CPDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\CPHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\CPUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\CP_Preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\CrapsDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\CrapsDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\CrapsHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\CrapsUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\craps_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\daconfTableAndCard.cxm
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\PGPDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\PGPDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\PGPHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\PGPUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\PGP_Preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\PokerBetDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\PokerBetDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\PokerBetHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\PokerBetUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\PokerBet_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\TableAndCardArenaBG.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\TCPokerDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\TCPokerDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\TCPokerHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\TCPokerUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\TCPoker_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\welcome_TableAndCard_F.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\TableAndCard\welcome_TableAndCard_M.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\AFDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\AFDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\AFHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\AFUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\AF_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\BPDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\BPDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\BPHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\BPUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\BP_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\daconfvp.cxm
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\DWDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\DWDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\DWHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\DWUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\DW_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\ENJOY_VP_F.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\ENJOY_VP_M.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\JBDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\JBDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\JBHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\JBUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\JB_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\JWDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\JWDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\JWHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\JWUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\JW_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\PVPDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\PVPDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\PVPHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\PVPUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\PVP_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\RDDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\RDDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\RDHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\RDUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\RD_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vp\VPArenaBG.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\BBQDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\BBQDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\BBQHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\BBQup.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\BBQ_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\BejeweledDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\BejeweledDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\BejeweledHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\BejeweledUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\Bejeweled_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\BLLDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\BLLDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\BLLHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\BLLUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\BLL_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\CLDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\CLDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\CLHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\CLUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\CL_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\CoolBDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\CoolBDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\CoolBHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\CoolBUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\CoolB_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\daconfvs.cxm
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\DRLDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\DRLDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\DRLHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\DRLUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\DRL_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\ESDDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\ESDDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\ESDHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\ESDUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\ESD_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\EURDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\EURDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\EURHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\EURUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\EUR_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FFDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FFDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FFHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FFourDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FFourDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FFourHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FFourUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FFour_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FFUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FF_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FPDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FPDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FPHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FPUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FP_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FWKDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FWKDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FWKHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FWKUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\FWK_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GGDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GGDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GGHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GGUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GG_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GMMDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GMMDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GMMHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GMMUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GMM_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GTDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GTDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GTHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GTUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\GT_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\KMDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\KMDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\KMHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\KMUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\KM_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\LoEDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\LoEDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\LoEHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\LoEUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\LoE_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\MONDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\MONDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\MONHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\MONUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\MON_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\MTDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\MTDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\MTHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\MTUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\MT_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\OCODisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\OCODown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\OCOHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\OCOUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\OCO_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\RGBDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\RGBDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\RGBHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\RGBUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\RGB_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SCDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SCDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SCHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SCUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SC_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SnookerDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SnookerDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SnookerHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SnookerUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\snooker_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SPADisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SPADown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SPAHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SPAUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SPA_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SpidermanDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SpidermanDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SpidermanHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\SpidermanUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\Spiderman_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\VideoSlotsArenaBG1.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\VideoSlotsArenaBG2.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\VideoSlotsArenaBG3.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\welcome_vslots_F.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\welcome_vslots_M.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\XMDisable.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\XMDown.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\XMHover.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\XMUp.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Arena\vs\XM_preview.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\askinsur.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\BjBkgr.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\bjconf.cxm
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\BJTableLimits.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\BJ_F.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\BJ_M.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\BJ_vip.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Continue0.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Continue1.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Continue3.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Double0.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Double1.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Double3.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\ENJOY_BJ_F.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\ENJOY_BJ_M.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\high_left.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\high_leftBkrf.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\high_leftf.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\high_mid.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\high_midBkrf.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\high_midf.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\high_right.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\high_rightBkrf.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\high_rightf.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Hit0.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Hit1.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Hit3.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\InsNo0.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\InsNo1.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\InsNo3.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\INSUR_PAYS_F.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\INSUR_PAYS_M.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\InsYes0.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\InsYes1.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\InsYes3.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\multi_hand.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Repeat0.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Repeat1.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Repeat3.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\ScoreFont.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Split0.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Split1.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Split2.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Split3.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Stand0.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Stand1.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Stand2.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Stand3.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\strip_get_back_card.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\strip_get_card.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\strip_remove_card.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Turn.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\WOULD_U_LIKE_INSUR_F.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\WOULD_U_LIKE_INSUR_M.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\yourturn.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\BJ.cxm
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\CenterJackPotBkr.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\CenterRgn.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\CrazyBjBkgr.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\CrazyBjFontLimits.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\CRBJhigh_limit.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\CRBJstandard_limit.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\CRBJvip_limit.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\ENJOY_CRBJ_F.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\ENJOY_CRBJ_M.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\EURpaytable.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\GBPpaytable.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\LeftJackPotBkr.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\LeftRgn.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\leftSlot.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\MidSlot.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\multihand_bet_cycle_center.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\multihand_bet_cycle_left.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\multihand_bet_cycle_right.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\PayTableCloseup.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\PayTableOpenDown.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\PayTableOpenHover.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\PayTableOpenup.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\RightJackPotBkr.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\RightRgn.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\RightSlot.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\safe_bet_cycle_center.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\safe_bet_cycle_left.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\safe_bet_cycle_right.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\Bj\media\Crazy\USDpaytable.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\Bet0.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\Bet1.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\Bet3.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\CpBkgr.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\cpconf.cxm
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\CpTableLimits.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\cp_strip.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\cp_strip_no_flip.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\cp_strip_remove.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\cp_vip.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\dealer does not qualify.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\dealer qualifies.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\ENJOY_CON_CP_F.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\ENJOY_CON_CP_M.mp3
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\jackpot_numbers_CP.png
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\leftSlot.jpg
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\casinopoker\CaribPoker\media\leftSlotAnim.bmp
    C:\DOCUME~1\Patrick\APPLIC~1\PacificPoker\c
    a c 296 8 Sécurité
    25 Juillet 2009 16:41:30

  • Désinstalle Ad-Remover.

  • Refais un scan RSIT et poste le rapport log.
    25 Juillet 2009 16:46:37

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Patrick at 2009-07-25 16:45:50
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 127 GB (70%) free of 180 GB
    Total RAM: 1022 MB (31% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:46:05, on 25/07/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16850)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\tsnp325.exe
    C:\WINDOWS\vsnp325.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe
    C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Ares\Ares.exe
    C:\Program Files\NETGEAR GA511 Adapter\GA511.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Documents and Settings\Patrick\Local Settings\Temporary Internet Files\Content.IE5\880A8M3D\RSIT[1].exe
    C:\Program Files\trend micro\Patrick.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
    O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer /watchfiles
    O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
    O4 - HKLM\..\Run: [winupdate.exe] C:\WINDOWS\system32\winupdate.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MagsBin] C:\DOCUME~1\Patrick\APPLIC~1\BURNHO~1\Rdr spam 32.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; .NET CLR 2.0.50727; InfoPath.1; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 1.1.4322)" -"http://www8.agame.com/games/shockwave/h/horse_eventing/..."
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
    O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextfr.oberon-media.com/Gameshell/GameHost/1...
    O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/z...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Update Service (gupdate1c9a5c6888afccc) (gupdate1c9a5c6888afccc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 14511 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-412668190-725345543-1004Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-412668190-725345543-1004UA.job
    C:\WINDOWS\tasks\MP Scheduled Scan.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-01-29 1088296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-20 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-14 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-28 669168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-25 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-20 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
    Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll [2009-07-17 2097152]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-20 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-14 259696]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
    "tsnp325"=C:\WINDOWS\tsnp325.exe [2006-10-10 270336]
    "snp325"=C:\WINDOWS\vsnp325.exe [2006-10-10 827392]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-20 136600]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
    "NokiaMServer"=C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer /watchfiles []
    "Nokia FastStart"=C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-02-26 2376992]
    "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
    "Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-04-26 68592]
    "winupdate.exe"=C:\WINDOWS\system32\winupdate.exe [2009-07-25 43008]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
    "MagsBin"=C:\DOCUME~1\Patrick\APPLIC~1\BURNHO~1\Rdr spam 32.exe []
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
    "Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2007-08-20 495616]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]
    "Google Update"=C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-25 133104]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-02 68856]
    "Steam"=C:\Program Files\Steam\Steam.exe [2009-06-12 1217784]
    "ares"=C:\Program Files\Ares\Ares.exe [2009-02-03 1004544]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE [2008-12-06 460216]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    GA511 Smart Wizard Utility.lnk - C:\WINDOWS\Installer\{52CAD7C7-1E41-43FE-8613-AB9D79B2DBBC}\NewShortcut1.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Démarrage
    Outil de notification Live Search.lnk - C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 240128]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSetActiveDesktop"=1
    "NoActiveDesktopChanges"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoSetActiveDesktop"=
    "NoActiveDesktopChanges"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Documents and Settings\Patrick\Bureau\WoW-frFR-Installer-downloader.exe"="C:\Documents and Settings\Patrick\Bureau\WoW-frFR-Installer-downloader.exe:*:Enabled:WoW-frFR-Installer-downloader"
    "C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
    "C:\Program Files\Cyanide\Loki\Loki.exe"="C:\Program Files\Cyanide\Loki\Loki.exe:*:Enabled:Loki"
    "C:\Program Files\Cyanide\Loki\Autorun\AutoRun.exe"="C:\Program Files\Cyanide\Loki\Autorun\AutoRun.exe:*:Enabled:Loki - AutoRun"
    "C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\metin2.bin"="C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\metin2.bin:*:Enabled:metin2"
    "C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\Metin 2.exe"="C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\Metin 2.exe:*:Enabled:Metin 2"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\SecondLife\SLVoice.exe"="C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Documents and Settings\Patrick\Bureau\metin2\metin2.bin"="C:\Documents and Settings\Patrick\Bureau\metin2\metin2.bin:*:Enabled:metin2"
    "C:\Documents and Settings\Patrick\Mes documents\Antony\metin2\metin2.bin"="C:\Documents and Settings\Patrick\Mes documents\Antony\metin2\metin2.bin:*:Enabled:metin2"
    "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
    "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
    "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
    "C:\Documents and Settings\Patrick\Bureau\RSIT.exe"="C:\Documents and Settings\Patrick\Bureau\RSIT.exe:*:Enabled:RSIT"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c5220a6-4704-11de-a771-00142a2e558e}]
    shell\Auto\command - I:\launcher.exe
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL launcher.exe


    ======List of files/folders created in the last 1 months======

    2009-07-25 15:31:38 ----D---- C:\Program Files\Ad-remover
    2009-07-25 14:43:25 ----A---- C:\lopR.txt
    2009-07-25 14:42:50 ----D---- C:\Lop SD
    2009-07-25 06:01:37 ----A---- C:\cleannavi.txt
    2009-07-25 06:00:34 ----D---- C:\Program Files\Navilog1
    2009-07-25 05:05:56 ----D---- C:\Program Files\trend micro
    2009-07-25 05:05:55 ----D---- C:\rsit
    2009-07-25 03:19:41 ----A---- C:\WINDOWS\system32\winupdate.exe
    2009-07-15 03:03:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
    2009-07-15 03:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
    2009-07-15 03:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$

    ======List of files/folders modified in the last 1 months======

    2009-07-25 16:46:03 ----D---- C:\WINDOWS\Prefetch
    2009-07-25 16:45:52 ----D---- C:\WINDOWS\Temp
    2009-07-25 16:34:11 ----RD---- C:\Program Files
    2009-07-25 14:13:14 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-07-25 11:38:36 ----D---- C:\WINDOWS
    2009-07-25 11:37:22 ----D---- C:\Program Files\Steam
    2009-07-25 11:36:54 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-07-25 11:36:47 ----SD---- C:\WINDOWS\Tasks
    2009-07-25 11:28:44 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-07-25 06:19:05 ----D---- C:\WINDOWS\system32
    2009-07-25 05:26:46 ----D---- C:\Program Files\QUAD Utilities
    2009-07-25 03:40:54 ----D---- C:\Documents and Settings\Patrick\Application Data\Burn Hope Live
    2009-07-25 03:20:03 ----D---- C:\Documents and Settings\Patrick\Application Data\LimeWire
    2009-07-24 06:07:40 ----D---- C:\Program Files\LimeWire
    2009-07-20 02:24:09 ----A---- C:\WINDOWS\win.ini
    2009-07-18 03:00:10 ----SHD---- C:\WINDOWS\Installer
    2009-07-18 03:00:09 ----HD---- C:\Config.Msi
    2009-07-18 03:00:06 ----D---- C:\Program Files\Google
    2009-07-15 03:03:39 ----HD---- C:\WINDOWS\inf
    2009-07-15 03:03:36 ----HD---- C:\WINDOWS\$hf_mig$
    2009-07-15 03:03:34 ----A---- C:\WINDOWS\imsins.BAK
    2009-07-15 03:03:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-07-05 14:51:22 ----RD---- C:\WINDOWS\Web
    2009-07-05 14:51:20 ----D---- C:\WINDOWS\SHELLNEW
    2009-07-05 14:51:17 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2009-07-04 19:45:41 ----D---- C:\WINDOWS\network diagnostic
    2009-06-30 15:22:48 ----D---- C:\WINDOWS\system32\Macromed
    2009-06-30 10:12:35 ----SD---- C:\WINDOWS\Downloaded Program Files

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
    R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
    R2 usbhub;DSC Composite USB Device; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-01-24 4127488]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
    R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
    R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    R3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-03-07 10260864]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S2 Ca533av;Icatch(IV) Video Camera Device; C:\WINDOWS\System32\Drivers\Ca533av.sys [2002-10-21 515803]
    S2 LANPkt;Realtek LANPkt Protocol; C:\WINDOWS\system32\DRIVERS\LANPkt.sys [2006-11-28 8440]
    S3 Bridge;Pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 catchme;catchme; \??\C:\DOCUME~1\Patrick\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 Diag69xp;Diag69xp; C:\WINDOWS\System32\Drivers\Diag69xp.sys [2006-11-28 11237]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 USBCamera;Icatch(IV) Still Camera Device; C:\WINDOWS\System32\Drivers\Bulk533.sys [2002-07-25 10986]
    S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
    S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
    S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-20 152984]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
    R3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
    S2 gupdate1c9a5c6888afccc;Google Update Service (gupdate1c9a5c6888afccc); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-16 133104]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-25 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-05-30 576680]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-14 779824]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    a c 296 8 Sécurité
    25 Juillet 2009 16:50:55

  • Désinstalle QUAD Registry Cleaner.

  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Double-clique sur OTM.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "winupdate.exe"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MagsBin"=-

    :files
    C:\Program Files\Burn Hope Live
    C:\DOCUME~1\Patrick\APPLIC~1\Burn Hope Live
    C:\WINDOWS\system32\winupdate.exe
    C:\Program Files\QUAD Utilities

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    25 Juillet 2009 17:15:56

    Une fois que j'ai fait 'MoveIt', ça à affiché un résultat (je ne sais plus quoi) et l'écran c'est figé, j'ai donc 'Reset' mon PC et je vais recommencer cette démarche bien-entendu... Je précise qu'il n'y avait qu'une ligne dans les résultats et qu'aucune demande d'éteindre le PC ou question anglaise avec les choix Yes or No m'a été demandé avant que l'écran se fige. Donc dois-je bien recommencer la démarche ?

    Ps: Mon écran ce figer déjà de temps en temps avant. Sans doute aucun rapport avec le scan.

    Sinon, à chaque redemarrage de mon PC (je t'en avait vaguement parlé) ceci s'affiche : -[à chaque je fais 'annuler' pour ne prendre aucun risque mais elle revient à chaque réouverture de la session]-


    a c 296 8 Sécurité
    25 Juillet 2009 17:25:38

    C'est un virus.

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    25 Juillet 2009 18:00:23

    Alors, j'ai tout fais comme tu me l'as demandé, j'ai tout selectionné puis supprimé, et une fois à 100% mon PC c'est éteint (toujours sans demander; "salopiot va !!!!" ^^) et au redemarrage, plus la demande douteuse (annexe screen précédement illustré) et le fond d'écran qui était là avant la mise en alerte que je ne pouvais pas changer ou même éditer.
    Mais je suis désolé, pour cette opération et la précédente, à savoir la démarche OTM, je n'ai pas pû copier/coller les rapports vu que une fois le PC était la mémoire 'copier' disparaît au redemarrage et je n'ai pas trouvé les bloc-notes. Est-ce important ?
    a c 296 8 Sécurité
    25 Juillet 2009 18:04:27

  • Relance MBAM, va dans Rapports/Logs et tu trouveras le rapport.
    25 Juillet 2009 18:42:22

    Sinon je te laisse un chèque où ? Je vais ni te demander ton adresse, ni ton numéro de compte parce que vu le contexte se serait surréaliste que tu me les donne ^^ mais un carton, à côté d'un banc dans un park, déposé dans un poubelle avec trois zéros dessus =) dis-moi où et quand ;-)
    Non je plaisante l0l ça fais série américaine :lol: 
    Mais j'aimerais vraiment te parler en privée, est-il possible ?
    ----------------------------
    Je t'envois le rapport, en message édité, d'ici peu.
    a c 296 8 Sécurité
    25 Juillet 2009 18:46:21

    :lol: 
    25 Juillet 2009 18:57:08

    En fait j'édite pas.

    Malwarebytes' Anti-Malware 1.39
    Version de la base de données: 2499
    Windows 5.1.2600 Service Pack 3

    25/07/2009 18:55:33
    mbam-log-2009-07-25 (18-55-33).txt

    Type de recherche: Examen rapide
    Eléments examinés: 103816
    Temps écoulé: 16 minute(s), 27 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Sinon, je rigolais pas du tout, pourrions-nous discuter par MP ?
    a c 296 8 Sécurité
    25 Juillet 2009 19:02:06

    Citation :
    Sinon, je rigolais pas du tout, pourrions-nous discuter par MP ?

    --> Oui, bien sûr.

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Désinstalle Java 6 Update 7 et Java 6 Update 11.

  • Mets à jour Java.

  • Mets à jour Adobe Reader.

  • Refais un scan RSIT et poste le rapport log.
    25 Juillet 2009 21:09:25

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Patrick at 2009-07-25 21:06:05
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 127 GB (70%) free of 180 GB
    Total RAM: 1022 MB (29% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:07:22, on 25/07/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16850)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\tsnp325.exe
    C:\WINDOWS\vsnp325.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\NETGEAR GA511 Adapter\GA511.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Documents and Settings\Patrick\Bureau\RSIT.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\trend micro\Patrick.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
    O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer /watchfiles
    O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MagsBin] C:\DOCUME~1\Patrick\APPLIC~1\BURNHO~1\Rdr spam 32.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; .NET CLR 2.0.50727; InfoPath.1; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 1.1.4322)" -"http://www8.agame.com/games/shockwave/h/horse_eventing/..."
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
    O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextfr.oberon-media.com/Gameshell/GameHost/1...
    O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/z...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Update Service (gupdate1c9a5c6888afccc) (gupdate1c9a5c6888afccc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 14336 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-412668190-725345543-1004Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-412668190-725345543-1004UA.job
    C:\WINDOWS\tasks\MP Scheduled Scan.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-01-29 1088296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-14 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-28 669168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-25 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41368]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
    Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll [2009-07-17 2097152]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-14 259696]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
    "tsnp325"=C:\WINDOWS\tsnp325.exe [2006-10-10 270336]
    "snp325"=C:\WINDOWS\vsnp325.exe [2006-10-10 827392]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
    "PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
    "NokiaMServer"=C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer /watchfiles []
    "Nokia FastStart"=C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-02-26 2376992]
    "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
    "Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-04-26 68592]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 148888]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
    "MagsBin"=C:\DOCUME~1\Patrick\APPLIC~1\BURNHO~1\Rdr spam 32.exe []
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
    "Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2007-08-20 495616]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]
    "Google Update"=C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-25 133104]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-02 68856]
    "Steam"=C:\Program Files\Steam\Steam.exe [2009-06-12 1217784]
    "ares"=C:\Program Files\Ares\Ares.exe [2009-02-03 1004544]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE [2008-12-06 460216]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    GA511 Smart Wizard Utility.lnk - C:\WINDOWS\Installer\{52CAD7C7-1E41-43FE-8613-AB9D79B2DBBC}\NewShortcut1.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Démarrage
    Outil de notification Live Search.lnk - C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 240128]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSetActiveDesktop"=0
    "NoActiveDesktopChanges"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoSetActiveDesktop"=
    "NoActiveDesktopChanges"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Documents and Settings\Patrick\Bureau\WoW-frFR-Installer-downloader.exe"="C:\Documents and Settings\Patrick\Bureau\WoW-frFR-Installer-downloader.exe:*:Enabled:WoW-frFR-Installer-downloader"
    "C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
    "C:\Program Files\Cyanide\Loki\Loki.exe"="C:\Program Files\Cyanide\Loki\Loki.exe:*:Enabled:Loki"
    "C:\Program Files\Cyanide\Loki\Autorun\AutoRun.exe"="C:\Program Files\Cyanide\Loki\Autorun\AutoRun.exe:*:Enabled:Loki - AutoRun"
    "C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\metin2.bin"="C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\metin2.bin:*:Enabled:metin2"
    "C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\Metin 2.exe"="C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\Metin 2.exe:*:Enabled:Metin 2"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\SecondLife\SLVoice.exe"="C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Documents and Settings\Patrick\Bureau\metin2\metin2.bin"="C:\Documents and Settings\Patrick\Bureau\metin2\metin2.bin:*:Enabled:metin2"
    "C:\Documents and Settings\Patrick\Mes documents\Antony\metin2\metin2.bin"="C:\Documents and Settings\Patrick\Mes documents\Antony\metin2\metin2.bin:*:Enabled:metin2"
    "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
    "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
    "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
    "C:\Documents and Settings\Patrick\Bureau\RSIT.exe"="C:\Documents and Settings\Patrick\Bureau\RSIT.exe:*:Enabled:RSIT"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c5220a6-4704-11de-a771-00142a2e558e}]
    shell\Auto\command - I:\launcher.exe
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL launcher.exe


    ======List of files/folders created in the last 1 months======

    2009-07-25 20:49:06 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-07-25 20:49:06 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-07-25 20:49:06 ----A---- C:\WINDOWS\system32\java.exe
    2009-07-25 20:48:38 ----D---- C:\Program Files\Java
    2009-07-25 17:27:38 ----D---- C:\Documents and Settings\Patrick\Application Data\Malwarebytes
    2009-07-25 17:27:31 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-07-25 17:27:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-07-25 16:52:34 ----D---- C:\_OTM
    2009-07-25 15:31:38 ----D---- C:\Program Files\Ad-remover
    2009-07-25 14:43:25 ----A---- C:\lopR.txt
    2009-07-25 14:42:50 ----D---- C:\Lop SD
    2009-07-25 06:01:37 ----A---- C:\cleannavi.txt
    2009-07-25 06:00:34 ----D---- C:\Program Files\Navilog1
    2009-07-25 05:05:56 ----D---- C:\Program Files\trend micro
    2009-07-25 05:05:55 ----D---- C:\rsit
    2009-07-15 03:03:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
    2009-07-15 03:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
    2009-07-15 03:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$

    ======List of files/folders modified in the last 1 months======

    2009-07-25 21:07:21 ----D---- C:\WINDOWS\Temp
    2009-07-25 21:06:34 ----D---- C:\WINDOWS\Prefetch
    2009-07-25 21:04:59 ----D---- C:\WINDOWS
    2009-07-25 21:04:06 ----D---- C:\Program Files\Steam
    2009-07-25 21:03:52 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-07-25 21:03:26 ----SD---- C:\WINDOWS\Tasks
    2009-07-25 20:59:13 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-07-25 20:57:56 ----SHD---- C:\WINDOWS\Installer
    2009-07-25 20:57:54 ----HD---- C:\Config.Msi
    2009-07-25 20:57:54 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-07-25 20:57:03 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-07-25 20:55:47 ----D---- C:\Program Files\Adobe
    2009-07-25 20:55:36 ----D---- C:\WINDOWS\WinSxS
    2009-07-25 20:53:49 ----D---- C:\WINDOWS\system32
    2009-07-25 20:48:43 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-07-25 20:48:38 ----RD---- C:\Program Files
    2009-07-25 20:43:22 ----D---- C:\Program Files\Fichiers communs
    2009-07-25 17:48:14 ----D---- C:\WINDOWS\system32\drivers
    2009-07-25 14:13:14 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-07-25 05:26:46 ----D---- C:\Program Files\QUAD Utilities
    2009-07-25 03:40:54 ----D---- C:\Documents and Settings\Patrick\Application Data\Burn Hope Live
    2009-07-25 03:20:03 ----D---- C:\Documents and Settings\Patrick\Application Data\LimeWire
    2009-07-24 06:07:40 ----D---- C:\Program Files\LimeWire
    2009-07-20 02:24:09 ----A---- C:\WINDOWS\win.ini
    2009-07-18 03:00:06 ----D---- C:\Program Files\Google
    2009-07-15 03:03:39 ----HD---- C:\WINDOWS\inf
    2009-07-15 03:03:36 ----HD---- C:\WINDOWS\$hf_mig$
    2009-07-15 03:03:34 ----A---- C:\WINDOWS\imsins.BAK
    2009-07-15 03:03:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-07-05 14:51:22 ----RD---- C:\WINDOWS\Web
    2009-07-05 14:51:20 ----D---- C:\WINDOWS\SHELLNEW
    2009-07-05 14:51:17 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2009-07-04 19:45:41 ----D---- C:\WINDOWS\network diagnostic
    2009-06-30 15:22:48 ----D---- C:\WINDOWS\system32\Macromed
    2009-06-30 10:12:35 ----SD---- C:\WINDOWS\Downloaded Program Files

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
    R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
    R2 usbhub;DSC Composite USB Device; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-01-24 4127488]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
    R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
    R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    R3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-03-07 10260864]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S2 Ca533av;Icatch(IV) Video Camera Device; C:\WINDOWS\System32\Drivers\Ca533av.sys [2002-10-21 515803]
    S2 LANPkt;Realtek LANPkt Protocol; C:\WINDOWS\system32\DRIVERS\LANPkt.sys [2006-11-28 8440]
    S3 Bridge;Pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 catchme;catchme; \??\C:\DOCUME~1\Patrick\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 Diag69xp;Diag69xp; C:\WINDOWS\System32\Drivers\Diag69xp.sys [2006-11-28 11237]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 USBCamera;Icatch(IV) Still Camera Device; C:\WINDOWS\System32\Drivers\Bulk533.sys [2002-07-25 10986]
    S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
    S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
    S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 152984]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
    R3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
    S2 gupdate1c9a5c6888afccc;Google Update Service (gupdate1c9a5c6888afccc); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-16 133104]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-25 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-05-30 576680]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-14 779824]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    a c 296 8 Sécurité
    25 Juillet 2009 21:21:26

    Retente la manip' avec OTM.
    26 Juillet 2009 00:50:25

    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\winupdate.exe not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MagsBin deleted successfully.
    ========== FILES ==========
    C:\Program Files\Burn Hope Live moved successfully.
    C:\DOCUME~1\Patrick\APPLIC~1\Burn Hope Live moved successfully.
    File/Folder C:\WINDOWS\system32\winupdate.exe not found.
    C:\Program Files\QUAD Utilities\QUAD Registry Cleaner moved successfully.
    C:\Program Files\QUAD Utilities moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: LocalService
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
    ->Temp folder emptied: 115616 bytes
    ->Temporary Internet Files folder emptied: 7152013 bytes

    User: NetworkService
    ->Temp folder emptied: 895844 bytes
    ->Temporary Internet Files folder emptied: 422144 bytes

    User: Patrick
    ->Temp folder emptied: 2304295 bytes
    File delete failed. C:\Documents and Settings\Patrick\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    ->Temporary Internet Files folder emptied: 513725650 bytes
    ->Java cache emptied: 24144314 bytes
    ->FireFox cache emptied: 109756973 bytes
    ->Google Chrome cache emptied: 188790854 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 2148155 bytes
    %systemroot%\System32 .tmp files removed: 4371456 bytes
    File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_568.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied: 51612 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 814,35 mb


    OTM by OldTimer - Version 3.0.0.5 log created on 07262009_000438

    ||||||||||||||||||||||||||||||||||||||||||||||||||||||

    Une fois le scan fait, mon PC a fait 'Reset' et au redemarrage une fois la session ouverte cette fenêtre c'est ouverte :
    Vu qu'elle était similaire à celle don nous avions parlé au dessus, et que tu m'avais dit que c'était un virus je l'ai annulé aussi, ai-je bien fait ? C'était 'OTM' comme nom... :sweat: 


    a c 296 8 Sécurité
    26 Juillet 2009 01:01:25

    OTM.exe est le programme que tu viens d'utiliser.

  • Refais un scan RSIT et poste le rapport log.

    Ton PC fonctionne bien ?
    26 Juillet 2009 01:06:27

    Ok, mon PC... mis-à-part les problèmes d'avant* oui enfin je ne vois pas d'anomalie...

    *problèmes d'avant = l'écran qui se fige pour X ou Y raison, il me semble que c'est quand il y a trop de demandes, comme msn + plusieurs pages internet + musik + jeu ... (mon frère dit que c'est la carte graphique qui est morte, car plus aucun jeu ne passe [jeu à télécharger ou via CD] car l'écran se fige presque instantanement) sinon défois l'écran s'éteint et devient noir, et là impossible de le réallumer obligé de faire reset. XD il est H.S mais il a déjà beaucoup encaissé ce PC, de gros virus...
    26 Juillet 2009 01:09:25

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Patrick at 2009-07-26 01:07:00
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 127 GB (71%) free of 180 GB
    Total RAM: 1022 MB (24% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 01:07:18, on 26/07/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16850)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\tsnp325.exe
    C:\WINDOWS\vsnp325.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\NETGEAR GA511 Adapter\GA511.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Documents and Settings\Patrick\Bureau\Logiciels Pro\RSIT.exe
    C:\Program Files\trend micro\Patrick.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
    O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer /watchfiles
    O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; .NET CLR 2.0.50727; InfoPath.1; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 1.1.4322)" -"http://www8.agame.com/games/shockwave/h/horse_eventing/..."
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: GA511 Smart Wizard Utility.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
    O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextfr.oberon-media.com/Gameshell/GameHost/1...
    O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/z...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Update Service (gupdate1c9a5c6888afccc) (gupdate1c9a5c6888afccc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 14034 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-412668190-725345543-1004Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-412668190-725345543-1004UA.job
    C:\WINDOWS\tasks\MP Scheduled Scan.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-01-29 1088296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-14 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-28 669168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-25 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41368]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
    Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll [2009-07-17 2097152]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-14 259696]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
    "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
    "tsnp325"=C:\WINDOWS\tsnp325.exe [2006-10-10 270336]
    "snp325"=C:\WINDOWS\vsnp325.exe [2006-10-10 827392]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
    "PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
    "NokiaMServer"=C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer /watchfiles []
    "Nokia FastStart"=C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-02-26 2376992]
    "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
    "Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-04-26 68592]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 148888]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
    "Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2007-08-20 495616]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]
    "Google Update"=C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-25 133104]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-02 68856]
    "Steam"=C:\Program Files\Steam\Steam.exe [2009-06-12 1217784]
    "ares"=C:\Program Files\Ares\Ares.exe [2009-02-03 1004544]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE [2008-12-06 460216]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    GA511 Smart Wizard Utility.lnk - C:\WINDOWS\Installer\{52CAD7C7-1E41-43FE-8613-AB9D79B2DBBC}\NewShortcut1.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Démarrage
    Outil de notification Live Search.lnk - C:\Documents and Settings\Patrick\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 240128]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSetActiveDesktop"=0
    "NoActiveDesktopChanges"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoSetActiveDesktop"=
    "NoActiveDesktopChanges"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Documents and Settings\Patrick\Bureau\WoW-frFR-Installer-downloader.exe"="C:\Documents and Settings\Patrick\Bureau\WoW-frFR-Installer-downloader.exe:*:Enabled:WoW-frFR-Installer-downloader"
    "C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
    "C:\Program Files\Cyanide\Loki\Loki.exe"="C:\Program Files\Cyanide\Loki\Loki.exe:*:Enabled:Loki"
    "C:\Program Files\Cyanide\Loki\Autorun\AutoRun.exe"="C:\Program Files\Cyanide\Loki\Autorun\AutoRun.exe:*:Enabled:Loki - AutoRun"
    "C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\metin2.bin"="C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\metin2.bin:*:Enabled:metin2"
    "C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\Metin 2.exe"="C:\Documents and Settings\Patrick\Mes documents\Dimitri\Réseau\BGM\Metin 2.exe:*:Enabled:Metin 2"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\SecondLife\SLVoice.exe"="C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
    "C:\Documents and Settings\Patrick\Bureau\metin2\metin2.bin"="C:\Documents and Settings\Patrick\Bureau\metin2\metin2.bin:*:Enabled:metin2"
    "C:\Documents and Settings\Patrick\Mes documents\Antony\metin2\metin2.bin"="C:\Documents and Settings\Patrick\Mes documents\Antony\metin2\metin2.bin:*:Enabled:metin2"
    "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
    "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
    "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
    "C:\Documents and Settings\Patrick\Bureau\RSIT.exe"="C:\Documents and Settings\Patrick\Bureau\RSIT.exe:*:Enabled:RSIT"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c5220a6-4704-11de-a771-00142a2e558e}]
    shell\Auto\command - I:\launcher.exe
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL launcher.exe


    ======List of files/folders created in the last 1 months======

    2009-07-25 20:49:06 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-07-25 20:49:06 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-07-25 20:49:06 ----A---- C:\WINDOWS\system32\java.exe
    2009-07-25 20:48:38 ----D---- C:\Program Files\Java
    2009-07-25 17:27:38 ----D---- C:\Documents and Settings\Patrick\Application Data\Malwarebytes
    2009-07-25 17:27:31 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-07-25 17:27:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-07-25 16:52:34 ----D---- C:\_OTM
    2009-07-25 15:31:38 ----D---- C:\Program Files\Ad-remover
    2009-07-25 14:43:25 ----A---- C:\lopR.txt
    2009-07-25 14:42:50 ----D---- C:\Lop SD
    2009-07-25 06:01:37 ----A---- C:\cleannavi.txt
    2009-07-25 06:00:34 ----D---- C:\Program Files\Navilog1
    2009-07-25 05:05:56 ----D---- C:\Program Files\trend micro
    2009-07-25 05:05:55 ----D---- C:\rsit
    2009-07-15 03:03:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
    2009-07-15 03:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
    2009-07-15 03:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$

    ======List of files/folders modified in the last 1 months======

    2009-07-26 01:07:11 ----D---- C:\WINDOWS\Temp
    2009-07-26 01:07:08 ----D---- C:\WINDOWS\Prefetch
    2009-07-26 00:44:02 ----D---- C:\WINDOWS
    2009-07-26 00:43:46 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-07-26 00:43:23 ----D---- C:\Program Files\Steam
    2009-07-26 00:27:16 ----SD---- C:\WINDOWS\Tasks
    2009-07-26 00:09:47 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-07-26 00:08:35 ----D---- C:\WINDOWS\system32
    2009-07-26 00:04:43 ----RD---- C:\Program Files
    2009-07-25 21:00:14 ----HD---- C:\Config.Msi
    2009-07-25 20:57:56 ----SHD---- C:\WINDOWS\Installer
    2009-07-25 20:57:54 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-07-25 20:57:03 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-07-25 20:55:47 ----D---- C:\Program Files\Adobe
    2009-07-25 20:55:36 ----D---- C:\WINDOWS\WinSxS
    2009-07-25 20:48:43 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-07-25 20:43:22 ----D---- C:\Program Files\Fichiers communs
    2009-07-25 17:48:14 ----D---- C:\WINDOWS\system32\drivers
    2009-07-25 14:13:14 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-07-25 03:20:03 ----D---- C:\Documents and Settings\Patrick\Application Data\LimeWire
    2009-07-24 06:07:40 ----D---- C:\Program Files\LimeWire
    2009-07-20 02:24:09 ----A---- C:\WINDOWS\win.ini
    2009-07-18 03:00:06 ----D---- C:\Program Files\Google
    2009-07-15 03:03:39 ----HD---- C:\WINDOWS\inf
    2009-07-15 03:03:36 ----HD---- C:\WINDOWS\$hf_mig$
    2009-07-15 03:03:34 ----A---- C:\WINDOWS\imsins.BAK
    2009-07-15 03:03:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-07-05 14:51:22 ----RD---- C:\WINDOWS\Web
    2009-07-05 14:51:20 ----D---- C:\WINDOWS\SHELLNEW
    2009-07-05 14:51:17 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2009-07-04 19:45:41 ----D---- C:\WINDOWS\network diagnostic
    2009-06-30 15:22:48 ----D---- C:\WINDOWS\system32\Macromed
    2009-06-30 10:12:35 ----SD---- C:\WINDOWS\Downloaded Program Files

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
    R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
    R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
    R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
    R2 usbhub;DSC Composite USB Device; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-01-24 4127488]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
    R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
    R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    R3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-03-07 10260864]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S2 Ca533av;Icatch(IV) Video Camera Device; C:\WINDOWS\System32\Drivers\Ca533av.sys [2002-10-21 515803]
    S2 LANPkt;Realtek LANPkt Protocol; C:\WINDOWS\system32\DRIVERS\LANPkt.sys [2006-11-28 8440]
    S3 Bridge;Pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 catchme;catchme; \??\C:\DOCUME~1\Patrick\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 Diag69xp;Diag69xp; C:\WINDOWS\System32\Drivers\Diag69xp.sys [2006-11-28 11237]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 USBCamera;Icatch(IV) Still Camera Device; C:\WINDOWS\System32\Drivers\Bulk533.sys [2002-07-25 10986]
    S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
    S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
    S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 152984]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
    R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
    R3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
    S2 gupdate1c9a5c6888afccc;Google Update Service (gupdate1c9a5c6888afccc); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-16 133104]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-25 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-05-30 576680]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-14 779824]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------


    - N'oublie la petite reponse précédent ce message =) -
    a c 296 8 Sécurité
    26 Juillet 2009 01:15:32

    Je trouve qu'il y a trop de programmes qui se lancent au démarrage.

    Tu souhaites conserver Avast ?
    26 Juillet 2009 01:22:41

  • Oui ... Pourquoi :??: 

    ---------|--------

  • ² Sinon, est-ce-que tous problèmes, virus ou autres sont désormais bannis de mon PC ? (enfin ceux qui y logés avant toutes ces démarches de ûrification XD)
    a c 296 8 Sécurité
    26 Juillet 2009 01:27:06

    Je trouve qu'AntiVir est mieux qu'Avast.
    26 Juillet 2009 01:30:54

    Bah qu'est-ce-que ça changerais concrêtement pour moi, simple débutant informaticien... ^^
    (en langage amateur ne m'écri pas une matrix XD)
        • 1 / 2
        • 2
        • Dernier
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS