
Spoolsvt virus

3 March 2009 18:22:11

Hello
After clicking on a file downloaded from eMule, my PC crashed. Now when it restarts I can no longer get on the internet, MSN, Task Manager or avast (c:\program files\alwil software\avast4\ashavast.exe is not a valid Win32 application). And a web page opens by itself: C:\WINDOWS\ad1.htm
I found a file called SPOOLSVT in my Program Files, which I assume is the virus.

So I tried to delete it but it's impossible; I tried to boot in safe mode but got a blue screen; I tried to format but couldn't manage that either; and finally I tried a HijackThis scan and that doesn't work either.

Does anyone have an idea what I should do???

PS: I'm not a PC expert

Thanks

3 March 2009 19:08:30

Hello,

It looks like Bagle.

Download Gmer. (Przemyslaw Gmerek)

  • Unzip it into a dedicated folder or onto your Desktop.
  • Disconnect from the Internet, then close all programs.
  • Double-click Gmer.exe.
    If an alert from your antivirus appears for the file gmer.sys or gmer.exe, let it run.
  • Click the Rootkit tab.
  • On the right, tick only Files and Services.
  • Now click Scan.
  • When the scan is finished, click Copy.
  • Open Notepad, then click the Edit menu / Paste.
  • The report should then appear.
  • Save the file to your Desktop and post its contents here.
    5 March 2009 15:42:40

    Hello Angeldark

    Thanks for your reply. I downloaded Gmer but it doesn't work; it won't scan, it gives me system 32 problems and it closes by itself

    Another solution??
    5 March 2009 16:47:34

    Does it close with an error message?

    Download Elibagla at the bottom of this page.
    For some antivirus programs, it is preferable to disable them before starting this procedure!

  • Click Descargar Elibagla to download the file, and save it to your Desktop.
  • Launch it by double-clicking it.
  • Check that the Unidad drop-down menu shows the root of the partition where Windows is installed, generally -> C:\
  • The Eliminar Ficheros Automaticamente option must also be ticked.
  • Click Explorar to start the scan.
  • Post the report generated at the end of the scan.

    Note: The report is located here: C:\infosat.txt
    5 March 2009 18:26:15

    When I clicked on Gmer I got error messages, then it opened and then closed by itself without an error message.

    Now I've downloaded elibagla but it also closed by itself after scanning barely 5000 files. I restarted and elibagla launched at startup; now it's scanning.
    5 March 2009 19:28:41

    We'll try with another tool :/

    Download FindyKill (Chiquitine29) to your Desktop.

  • Run the program's installation by executing the downloaded file.
  • Now double-click the FindyKill shortcut.
  • Now choose option 1 (Search). Wait until the search is finished.
  • Post the link to the generated report in your next reply.

    NB: The taskbar and icons will disappear during the search.
    5 March 2009 20:08:41

    Elibagla gave this:
    From what I understand it deleted a few worms but it can't get all the way through!


    Thu Mar 05 18:13:36 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Acción Directa):
    C:\DOCUMENTS AND SETTINGS\JEREMY\APPLICATION DATA\DRIVERS\WINUPGRO.EXE --> Bagle.dldr Acceso Denegado.
    C:\DOCUMENTS AND SETTINGS\JEREMY\APPLICATION DATA\DRIVERS\SROSA2.SYS --> Eliminado Bagle(rootkit)
    Restaurada Clave: "SafeBoot\Minimal y Network"
    Reinicie para Completar la Limpieza.

    Thu Mar 05 18:13:58 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Acción Directa):
    C:\DOCUMENTS AND SETTINGS\JEREMY\APPLICATION DATA\DRIVERS\WINUPGRO.EXE --> Bagle.dldr Acceso Denegado.
    Restaurada Clave: "SafeBoot\Minimal y Network"
    Reinicie para Completar la Limpieza.

    Thu Mar 05 18:14:38 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Acción Directa):
    C:\DOCUMENTS AND SETTINGS\JEREMY\APPLICATION DATA\DRIVERS\WINUPGRO.EXE --> Bagle.dldr Acceso Denegado.
    Restaurada Clave: "SafeBoot\Minimal y Network"
    Reinicie para Completar la Limpieza.

    Thu Mar 05 18:14:49 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando "C:\"

    Thu Mar 05 18:14:58 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Acción Directa):
    C:\DOCUMENTS AND SETTINGS\JEREMY\APPLICATION DATA\DRIVERS\WINUPGRO.EXE --> Bagle.dldr Acceso Denegado.
    Restaurada Clave: "SafeBoot\Minimal y Network"
    Reinicie para Completar la Limpieza.

    Thu Mar 05 18:15:01 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando "C:\"

    Thu Mar 05 18:15:44 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Acción Directa):
    C:\DOCUMENTS AND SETTINGS\JEREMY\APPLICATION DATA\DRIVERS\WINUPGRO.EXE --> Bagle.dldr Acceso Denegado.
    Restaurada Clave: "SafeBoot\Minimal y Network"
    Reinicie para Completar la Limpieza.

    Thu Mar 05 18:15:48 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando "C:\"

    Thu Mar 05 18:16:08 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Acción Directa):
    C:\DOCUMENTS AND SETTINGS\JEREMY\APPLICATION DATA\DRIVERS\WINUPGRO.EXE --> Bagle.dldr Acceso Denegado.
    Restaurada Clave: "SafeBoot\Minimal y Network"
    Reinicie para Completar la Limpieza.

    Thu Mar 05 18:16:12 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando "C:\"

    Thu Mar 05 18:17:26 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Acción Directa):
    C:\DOCUMENTS AND SETTINGS\JEREMY\APPLICATION DATA\DRIVERS\WINUPGRO.EXE --> Bagle.dldr Acceso Denegado.
    Restaurada Clave: "SafeBoot\Minimal y Network"
    Reinicie para Completar la Limpieza.

    Thu Mar 05 18:17:30 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando "C:\"

    Thu Mar 05 18:18:23 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Acción Directa):
    C:\DOCUMENTS AND SETTINGS\JEREMY\APPLICATION DATA\DRIVERS\WINUPGRO.EXE --> Bagle.dldr Acceso Denegado.
    Restaurada Clave: "SafeBoot\Minimal y Network"
    Reinicie para Completar la Limpieza.

    Thu Mar 05 18:18:28 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando "C:\"

    Thu Mar 05 18:20:04 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Acción Directa):
    C:\DOCUMENTS AND SETTINGS\JEREMY\APPLICATION DATA\DRIVERS\WINUPGRO.EXE --> Bagle.dldr Acceso Denegado.
    Restaurada Clave: "SafeBoot\Minimal y Network"
    Reinicie para Completar la Limpieza.

    Thu Mar 05 18:20:37 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando "C:\"
    C:\Program Files\Windows Live\Messenger\MSNMSGR.EXE --> Eliminado Bagle.dldr

    Nº Total de Directorios: 4325
    Nº Total de Ficheros: 57614
    Nº de Ficheros Analizados: 13178
    Nº de Ficheros Infectados: 27
    Nº de Ficheros Limpiados: 27

    Thu Mar 05 18:24:44 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando "C:\"

    Nº Total de Directorios: 4325
    Nº Total de Ficheros: 57587
    Nº de Ficheros Analizados: 13151
    Nº de Ficheros Infectados: 0
    Nº de Ficheros Limpiados: 0

    Thu Mar 05 18:25:35 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando "C:\"

    Nº Total de Directorios: 4325
    Nº Total de Ficheros: 57587
    Nº de Ficheros Analizados: 13151
    Nº de Ficheros Infectados: 0
    Nº de Ficheros Limpiados: 0

    Thu Mar 05 18:27:19 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando "C:\"

    Nº Total de Directorios: 4325
    Nº Total de Ficheros: 57586
    Nº de Ficheros Analizados: 13151
    Nº de Ficheros Infectados: 0
    Nº de Ficheros Limpiados: 0

    Thu Mar 05 18:28:30 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando "C:\"

    Nº Total de Directorios: 1094
    Nº Total de Ficheros: 21343
    Nº de Ficheros Analizados: 6401
    Nº de Ficheros Infectados: 0
    Nº de Ficheros Limpiados: 0
    Exploración Detenida por el Usuario.

    Thu Mar 05 18:28:46 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando "C:\"

    Nº Total de Directorios: 4325
    Nº Total de Ficheros: 57586
    Nº de Ficheros Analizados: 13151
    Nº de Ficheros Infectados: 0
    Nº de Ficheros Limpiados: 0

    Thu Mar 05 18:30:09 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Acción Directa):
    C:\DOCUMENTS AND SETTINGS\JEREMY\APPLICATION DATA\DRIVERS\WINUPGRO.EXE --> Bagle.dldr Acceso Denegado.
    Reinicie para Completar la Limpieza.

    Thu Mar 05 18:30:12 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando "C:\"
    C:\Program Files\Windows Live\Messenger\MSNMSGR.EXE --> Eliminado Bagle.dldr

    Nº Total de Directorios: 4325
    Nº Total de Ficheros: 57593
    Nº de Ficheros Analizados: 13153
    Nº de Ficheros Infectados: 1
    Nº de Ficheros Limpiados: 1

    Thu Mar 05 18:33:28 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Acción Directa):
    C:\DOCUMENTS AND SETTINGS\JEREMY\APPLICATION DATA\DRIVERS\WINUPGRO.EXE --> Bagle.dldr Acceso Denegado.
    Reinicie para Completar la Limpieza.

    Thu Mar 05 18:34:00 2009
    EliBagle v12.29 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 4 de Marzo del 2009)
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando "C:\"

    Nº Total de Directorios: 4325
    Nº Total de Ficheros: 57604
    Nº de Ficheros Analizados: 13155
    Nº de Ficheros Infectados: 0
    Nº de Ficheros Limpiados: 0
    6 March 2009 18:32:08

    Here's the FindyKill one:


    ############################## [ FindyKill V4.718 ]

    # User : Jeremy (Administrateurs) # ACER-36ADEA1256
    # Update on 01/03/09
    # Start at: 18:28:44 | 06/03/2009

    # Genuine Intel(R) CPU T2300 @ 1.66GHz
    # Microsoft Windows XP dition familiale (5.1.2600 32-bit) # Service Pack 3
    # Internet Explorer 7.0.5730.13
    # Windows Firewall Status : Enabled

    # C:\ # Disque fixe local # 53,69 Go (24,06 Go free) [ACER] # FAT32
    # D:\ # Disque fixe local # 54,18 Go (7,84 Go free) [ACERDATA] # FAT32
    # E:\ # Disque CD-ROM
    # F:\ # Disque CD-ROM
    # G:\ # Disque amovible # 3,64 Go (3,5 Go free) [USB DISK] # FAT32
    # H:\ # Disque CD-ROM

    ############################## [ Processus actifs ]

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Acer\Empowering Technology\admServ.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\WINDOWS\system32\jwt32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Documents and Settings\Jeremy\Application Data\drivers\winupgro.exe
    C:\Program Files\spoolsvt.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe

    ################## [ Processus infectieux stoppés ]

    "C:\Documents and Settings\Jeremy\Application Data\drivers\winupgro.exe" (2932)

    ################## [ Fichiers / Dossiers infectieux C:\ ]

    Found ! - C:\InfoSat.txt

    ################## [ C:\WINDOWS ]


    ################## [ C:\WINDOWS\system32 ]


    ################## [ C:\WINDOWS\system32\drivers ]


    ################## [ C:\.. Application Data ... ]

    Found ! - "C:\Documents and Settings\Jeremy\Application Data\drivers"
    Found ! - "C:\Documents and Settings\Jeremy\Application Data\drivers\wfsintwq.sys"
    Found ! - "C:\Documents and Settings\Jeremy\Application Data\drivers\winupgro.exe"
    Found ! - "C:\Documents and Settings\Jeremy\Application Data\drivers\downld"

    ################## [ Registre / Clés infectieuses ]

    Found ! - HKEY_USERS\S-1-5-21-1602045562-1948361695-3302033575-1006\Software\Local AppWizard-Generated Applications\keygen
    Found ! - HKEY_USERS\S-1-5-21-1602045562-1948361695-3302033575-1006\Software\Local AppWizard-Generated Applications\msnmsgr
    Found ! - HKEY_USERS\S-1-5-21-1602045562-1948361695-3302033575-1006\Software\Local AppWizard-Generated Applications\winupgro
    Found ! - HKEY_USERS\S-1-5-21-1602045562-1948361695-3302033575-1006\Software\bisoft
    Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\keygen
    Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\msnmsgr
    Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sK9Ou0s
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S
    Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
    Found ! - HKEY_CURRENT_USER\Software\bisoft
    Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"
    Found ! - HKEY_USERS\S-1-5-21-1602045562-1948361695-3302033575-1006\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"

    # Infection active : HKLM\SYSTEM\...\Services\srosa -> Start = 0x1
    # Infection active : HKLM\SYSTEM\...\Services\sK9Ou0s -> Start = 0x1

    ################## [ Recherche dans supports amovibles]

    # Presence des fichiers :


    ################## [ Registre / Mountpoint2 ]

    # -> Not found !

    ################## [ ! Fin du rapport # FindyKill V4.718 ! ]

    6 March 2009 19:18:50

    Run option 2 of FindyKill.
    7 March 2009 14:30:02

    Yes, it worked, my PC seems to be working well again

    Thank you very much, Angeldark

    What would you recommend as a free antivirus?? I was thinking of AntiVir to replace my sieve of an avast?
    7 March 2009 14:31:31

    AntiVir, yes. Do you have the FindyKill report?
    7 March 2009 15:33:51


    ############################## [ FindyKill V4.718 ]

    # User : Jeremy (Administrateurs) # ACER-36ADEA1256
    # Update on 01/03/09
    # Start at: 14:15:57 | 07/03/2009

    # Genuine Intel(R) CPU T2300 @ 1.66GHz
    # Microsoft Windows XP dition familiale (5.1.2600 32-bit) # Service Pack 3
    # Internet Explorer 7.0.5730.13
    # Windows Firewall Status : Disabled

    # C:\ # Disque fixe local # 53,69 Go (24,05 Go free) [ACER] # FAT32
    # D:\ # Disque fixe local # 54,18 Go (7,84 Go free) [ACERDATA] # FAT32
    # E:\ # Disque CD-ROM
    # F:\ # Disque CD-ROM
    # H:\ # Disque CD-ROM

    ############################## [ Active Processes ]

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Acer\Empowering Technology\admServ.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\WINDOWS\system32\jwt32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Documents and Settings\Jeremy\Application Data\drivers\winupgro.exe
    C:\Program Files\spoolsvt.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

    ################## [ Infected processes stopped ]

    "C:\Documents and Settings\Jeremy\Application Data\drivers\winupgro.exe" (3360)

    ################## [ Infected Files / Folders C:\ ]

    Deleted ! - C:\InfoSat.txt

    ################## [ C:\WINDOWS ]


    ################## [ C:\WINDOWS\system32 ]


    ################## [ C:\WINDOWS\system32\drivers ]


    ################## [ C:\.. Application Data ... ]

    Deleted ! - "C:\Documents and Settings\Jeremy\Application Data\drivers\srosa2.sys"
    Deleted ! - "C:\Documents and Settings\Jeremy\Application Data\drivers\wfsintwq.sys"
    Deleted ! - "C:\Documents and Settings\Jeremy\Application Data\drivers\winupgro.exe"
    Deleted ! - "C:\Documents and Settings\Jeremy\Application Data\drivers\downld"
    Deleted ! - "C:\Documents and Settings\Jeremy\Application Data\drivers"

    ################## [ Registry / Infected keys ]

    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s
    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
    Deleted ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
    Deleted ! - HKEY_CURRENT_USER\Software\bisoft
    Deleted ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\keygen
    Deleted ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\msnmsgr
    Deleted ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
    Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"
    Deleted ! - HKEY_USERS\S-1-5-21-1602045562-1948361695-3302033575-1006\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"

    ################## [ Cleaning Removable drives ]

    # Deleting files :


    ################## [ Registry / Mountpoint2 ]

    # -> Not found !

    ################## [ Searching Other Infections ]

    # Références de comparaison Bagle MD5 :

    7196d5a3 C:\Documents and Settings\Jeremy\Application Data\drivers\winupgro.exe
    cbdc9ed044b6f463fc4ae80232331e4f C:\Documents and Settings\Jeremy\Application Data\drivers\winupgro.exe

    Suspect ! "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe"
    # Taille : 864256 # MD5 : CBDC9ED044B6F463FC4AE80232331E4F

    Suspect ! "C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026541.Exe"
    # Taille : 864256 # MD5 : CBDC9ED044B6F463FC4AE80232331E4F

    Suspect ! "C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026554.Exe"
    # Taille : 864256 # MD5 : CBDC9ED044B6F463FC4AE80232331E4F

    Suspect ! "C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026578.EXE"
    # Taille : 864256 # MD5 : CBDC9ED044B6F463FC4AE80232331E4F

    Deleted ! "C:\Program Files\Micro Application\Réussir ses CV et Lettres de Motivation.rar"
    # Contain ERROR: with Bagle CRC32 : et


    ################## [ PEH Corrupted ]

    C:\WINDOWS\system32\dllcache\register.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023465.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023469.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023471.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023472.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023478.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023492.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023497.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023498.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023504.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023505.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023645.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023646.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023648.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023655.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023656.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023677.EXE
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023688.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023690.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023691.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023701.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023702.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023714.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023715.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023717.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023724.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP232\A0023725.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023730.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023731.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023737.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023739.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023740.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023754.EXE
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023755.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023756.EXE
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023757.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023758.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023759.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023760.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023761.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023762.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023763.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023764.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023765.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023766.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023770.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023771.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023779.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023816.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023817.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023818.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023823.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP233\A0023824.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023829.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023830.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023835.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023836.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023837.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023853.EXE
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023854.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023855.EXE
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023856.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023857.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023858.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023859.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023860.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023861.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023862.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023863.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023864.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023865.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023869.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023870.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP234\A0023878.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023915.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023925.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023926.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023931.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023932.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023942.EXE
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023943.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023944.EXE
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023945.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023946.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023947.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023948.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023949.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023950.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023951.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023952.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023953.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023954.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023958.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023959.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0023967.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024004.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024005.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024006.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024020.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024022.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024023.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024032.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024033.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024037.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024053.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024055.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024056.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024064.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024065.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0024066.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0025053.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0025055.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0025056.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0025062.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0025063.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026053.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026054.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026055.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026059.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026060.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026075.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026077.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026078.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026083.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026084.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026085.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026086.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026087.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026143.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026156.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026157.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026159.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026160.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026165.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026166.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026167.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026168.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026169.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026170.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026171.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026172.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026173.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026174.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026175.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026176.EXE
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026177.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026178.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026179.EXE
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026183.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026184.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026273.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026279.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026282.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026283.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026284.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026285.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026287.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026288.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026289.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026292.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026293.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026294.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026295.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026301.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026302.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026315.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026319.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026323.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026324.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026327.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026328.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026353.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026354.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026369.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026370.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026384.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026385.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026399.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026401.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026419.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026421.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026436.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026437.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026452.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026453.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026465.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026466.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026478.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026479.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026491.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026492.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026504.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026505.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026525.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026526.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026537.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026538.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026550.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026551.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026563.exe
    C:\System Volume Information\_restore{DA93E6EB-CF98-47EB-B731-377A4E5ABEC4}\RP235\A0026564.exe
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe

    ################## [ ! End of Report # FindyKill V4.718 ! ]

    After that I installed AntiVir and I think it removed some worms, trojans and rootkits for me.

    Do I still need to do anything, or is my PC clean?

    Thanks
    7 March 2009 15:48:44

    Let's do one last check.

    Download Random's System Information Tool (RSIT) (by random/random) and save it to the Desktop.

  • Double-click RSIT.exe to launch RSIT.
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (which will be displayed)
    as well as info.txt (which will be minimized in the taskbar).
  • NB: The reports are saved in the C:\rsit folder.
  • Be sure to post the reports in full, and check that they are complete once you have posted them.
    7 March 2009 15:53:56

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Jeremy at 2009-03-07 15:50:32
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 24 GB (44%) free of 55 GB
    Total RAM: 2046 MB (62% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:51:57, on 07/03/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Acer\Empowering Technology\admServ.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Documents and Settings\Jeremy\Bureau\RSIT.exe
    C:\Program Files\trend micro\Jeremy.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\system32\ToolBand.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [Printspooler] C:\Program Files\spooler.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [drvsyskit] C:\Documents and Settings\Jeremy\Application Data\drivers\winupgro.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=...
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

    --
    End of file - 10640 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - Acer eDataSecurity Management - C:\WINDOWS\system32\ToolBand.dll [2005-10-19 94208]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"=Alaunch []
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-11-16 15600128]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-11-02 102491]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-11-02 692315]
    "PCMService"=C:\Program Files\Acer\Acer Arcade\PCMService.exe [2005-12-02 151552]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
    "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-12 45056]
    "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2005-10-19 69632]
    "ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-01-17 344064]
    "Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2006-01-16 3080192]
    "LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2005-12-06 458752]
    "eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2009-03-07 397312]
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-11-30 225280]
    "LogitechCameraAssistant"=C:\Program Files\Acer\OrbiCam\CameraAssistant.exe [2005-11-29 438272]
    "LogitechVideo[inspector]"=C:\Program Files\Acer\OrbiCam\InstallHelper.exe [2005-11-29 73728]
    "LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
    "ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-10-24 2462208]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2004-08-20 45056]
    "Printspooler"=C:\Program Files\spooler.exe []
    "UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2009-03-07 15872]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2009-03-07 190024]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088]
    "drvsyskit"=C:\Documents and Settings\Jeremy\Application Data\drivers\winupgro.exe []
    "MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2009-03-07 190024]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2006-01-04 61440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableLUA"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Acer\Acer Arcade\PCMService.exe"="C:\Program Files\Acer\Acer Arcade\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\EA GAMES\Medal of Honor Batailles du Pacifique(tm)\mohpa.exe"="C:\Program Files\EA GAMES\Medal of Honor Batailles du Pacifique(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
    "C:\Program Files\Capcom\MotoGP 08\Launcher.exe"="C:\Program Files\Capcom\MotoGP 08\Launcher.exe:*:Enabled:MotoGP 08"
    "C:\Program Files\spoolsvt.exe"="C:\Program Files\spoolsvt.exe:*:Enabled:print Spooler"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======List of files/folders created in the last 1 months======

    2009-03-07 15:50:33 ----D---- C:\Program Files\trend micro
    2009-03-07 15:50:32 ----D---- C:\rsit
    2009-03-07 15:24:31 ----D---- C:\Program Files\Microsoft
    2009-03-07 15:23:29 ----D---- C:\Program Files\Windows Live SkyDrive
    2009-03-07 15:15:15 ----D---- C:\Program Files\Fichiers communs\Windows Live
    2009-03-07 14:55:09 ----D---- C:\Program Files\MessengerPlus! 3
    2009-03-07 14:38:06 ----D---- C:\Documents and Settings\Jeremy\Application Data\c5
    2009-03-07 14:35:25 ----D---- C:\Documents and Settings\Jeremy\Application Data\c3
    2009-03-07 14:34:28 ----D---- C:\Program Files\Avira
    2009-03-07 14:34:28 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-03-07 14:34:05 ----D---- C:\Documents and Settings\Jeremy\Application Data\c2
    2009-03-07 14:32:44 ----D---- C:\Documents and Settings\Jeremy\Application Data\c1
    2009-03-07 14:27:11 ----HD---- C:\Documents and Settings\Jeremy\Application Data\drivers
    2009-03-07 14:20:26 ----A---- C:\FindyKill2.txt
    2009-03-07 14:15:55 ----A---- C:\FindyKill.txt
    2009-03-06 18:47:32 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-03-06 18:28:18 ----D---- C:\Program Files\FindyKill
    2009-03-05 15:22:22 ----A---- C:\WINDOWS\gmer_uninstall.cmd
    2009-03-05 15:22:13 ----A---- C:\WINDOWS\gmer.exe
    2009-03-03 17:54:27 ----D---- C:\Program Files\Unlocker
    2009-03-03 17:40:08 ----SHD---- C:\FOUND.001
    2009-03-03 17:19:39 ----A---- C:\WINDOWS\msnfix.txt
    2009-02-25 22:34:04 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZisn12.dll
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZipt12.dll
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZipr12.dll
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZipm12.exe
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZinw12.exe
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZidr12.dll
    2009-02-20 18:30:12 ----D---- C:\Program Files\HP
    2009-02-20 18:27:35 ----HD---- C:\Config.Msi
    2009-02-20 18:26:07 ----RA---- C:\WINDOWS\system32\HPZIDS01.dll
    2009-02-20 18:25:59 ----A---- C:\WINDOWS\system32\hpz3l054.dll
    2009-02-16 11:21:21 ----D---- C:\Documents and Settings\All Users\Application Data\Raxco
    2009-02-16 11:21:20 ----D---- C:\Program Files\Raxco
    2009-02-12 17:55:44 ----HD---- C:\WINDOWS\$NtUninstallKB960715$

    ======List of files/folders modified in the last 1 months======

    2009-03-07 15:25:46 ----A---- C:\WINDOWS\win.ini
    2009-03-07 14:27:22 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
    2009-03-07 14:24:32 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-03-07 14:19:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-03-01 10:35:24 ----A---- C:\WINDOWS\system32\eRLog.ini
    2009-02-12 17:55:48 ----A---- C:\WINDOWS\imsins.BAK

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-07 75072]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []
    R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-07-19 21275]
    R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
    R2 DefragFS;DefragFS; C:\WINDOWS\system32\drivers\DefragFS.sys [2009-01-09 71184]
    R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2004-07-21 9856]
    R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
    R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
    R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
    R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
    R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
    R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-04 1420288]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2005-04-05 132352]
    R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2005-12-02 854826]
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
    R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2004-02-12 3968]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-11-08 997376]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-11-08 202240]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-11-17 4069888]
    R3 lv321av;Logitech USB PC Camera (VC0321); C:\WINDOWS\System32\Drivers\lv321av.sys [2005-11-30 1088896]
    R3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
    R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-11-30 39424]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2005-09-13 4392]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2003-04-05 6144]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2004-12-09 46592]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-11-02 191456]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-06-22 162176]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-11-26 1427968]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-11-08 723712]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
    S3 AVerM115;AVerM115 service; C:\WINDOWS\system32\DRIVERS\AVerM115.sys [2005-08-24 692992]
    S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2005-12-02 328141]
    S3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2005-12-02 30363]
    S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2005-12-02 148488]
    S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-12-02 65016]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys []
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
    S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]
    S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2005-08-03 32512]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SMCB000;SMSC CIR HID Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\hidsmsc.sys [2005-12-06 15744]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\admServ.exe [2005-10-24 1314816]
    R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2005-12-02 266295]
    R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe [2005-12-02 254050]
    R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe [2005-12-02 114784]
    R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe [2005-12-02 61440]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2005-11-30 81920]
    R2 PDAgent;PDAgent; C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe [2009-01-13 918792]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-01-21 143360]
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 PDEngine;PDEngine; C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe [2009-01-13 1021192]
    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2005-08-03 86016]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-01-04 405504]

    -----------------EOF-----------------


    info.txt logfile of random's system information tool 1.05 2009-03-07 15:51:59

    ======Uninstall list======

    -->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu"
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13E613EF-BB55-11D9-9D77-000129760D75}\setup.exe" -uninstall
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC4F90EC-B1DA-11D9-9D77-000129760D75}\setup.exe" -uninstall
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Acer Arcade-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall
    Acer eDataSecurity Management 1.00.23-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E431C518-2EE2-471E-9234-BE995C36D513}\setup.exe" -l0x40c -removeonly
    Acer eLock Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6CA897D0-67F5-4F75-8261-DC8BFCA6DA42}
    Acer Empowering Technology framework-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{15B70821-7893-4607-805A-BB80F3EA8279}
    Acer eNet Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\Setup.exe" -l0x40c
    Acer ePerformance Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DEE08946-40F0-4890-853E-60A6C3306041}
    Acer ePower Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x40c
    Acer ePresentation Management-->C:\WINDOWS\UnInst32.exe AcerePrj.UNI
    Acer eSettings Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E38BC648-883B-4EE5-966C-94C4B7AB3E0B}
    Acer GridVista-->C:\WINDOWS\UnInst32.exe GridV.UNI
    Acer Screensaver-->MsiExec.exe /I{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Catalyst Control Center-->MsiExec.exe /I{86ACFE52-BE3A-4E54-840F-D031339825AD}
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
    HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_AcrS1025\HXFSETUP.EXE -U -IAcrS1025.inf
    High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Launch Manager-->C:\WINDOWS\UnInst32.exe QtZgAcer.UNI
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Logiciel Acer OrbiCam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{76AC1AEB-1167-4ABC-8861-4E58392A5B7F}\setup.exe" -l0x40c
    Logiciel Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
    mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
    Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
    Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    MotoGP 08-->"C:\Program Files\InstallShield Installation Information\{BDA825AD-D60B-4935-9590-B0F1AC2E0D22}\setup.exe" -runfromtemp -l0x040c -removeonly
    mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
    NTI Backup NOW! 4-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{385979FE-DC4F-4140-8EAD-A59625000D72} /l1036 BUN4
    NTI CD & DVD-Maker-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    PerfectDisk 10 Professional-->MsiExec.exe /I{7B738CD9-D107-48C7-8E65-2E6639A39C8D}
    PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
    Programme de gestion Acer OrbiCam-->"C:\Program Files\Fichiers communs\Acer\OrbiCam\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT -l040c
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
    Réussir ses CV et Lettres de Motivation-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A3B685A0-4B1A-410F-B630-582324729318}\SETUP.EXE" -l0x40c
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    SLD Codec Pack-->C:\Program Files\SLD Codec Pack\uninstall.exe
    SMSC CIR HID V5.3.2600.2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}\setup.exe" -l0x40c UNINSTALL
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{FF6F491D-BC82-4DCC-A72F-1824957C6466} /l1036
    TomTom HOME-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
    Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
    VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
    VirtualCloneDrive-->"C:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\VirtualCloneDrive"
    VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    WIDCOMM Bluetooth Software-->MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

    ======Security center information======

    AV: Avira AntiVir PersonalEdition Classic

    System event log

    Computer Name: ACER-36ADEA1256
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service int15.sys.

    Record Number: 29862
    Source Name: Service Control Manager
    Time Written: 20090223175745.000000+060
    Event Type: Informations
    User: ACER-36ADEA1256\Jeremy

    Computer Name: ACER-36ADEA1256
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service aswRdr.

    Record Number: 29861
    Source Name: Service Control Manager
    Time Written: 20090223175745.000000+060
    Event Type: Informations
    User: AUTORITE NT\SYSTEM

    Computer Name: ACER-36ADEA1256
    Event Code: 7036
    Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.

    Record Number: 29860
    Source Name: Service Control Manager
    Time Written: 20090223175745.000000+060
    Event Type: Informations
    User:

    Computer Name: ACER-36ADEA1256
    Event Code: 7036
    Message: Le service Carte de performance WMI est entré dans l'état : en cours d'exécution.

    Record Number: 29859
    Source Name: Service Control Manager
    Time Written: 20090223175745.000000+060
    Event Type: Informations
    User:

    Computer Name: ACER-36ADEA1256
    Event Code: 7035
    Message: Un contrôle Démarrer a correctement été envoyé au service Carte de performance WMI.

    Record Number: 29858
    Source Name: Service Control Manager
    Time Written: 20090223175745.000000+060
    Event Type: Informations
    User: ACER-36ADEA1256\Jeremy

    Application event log

    Computer Name: ACER-36ADEA1256
    Event Code: 0
    Message:
    Record Number: 2120
    Source Name: RichVideo
    Time Written: 20090203175923.000000+060
    Event Type: Informations
    User:

    Computer Name: ACER-36ADEA1256
    Event Code: 0
    Message:
    Record Number: 2119
    Source Name: RegSrvc
    Time Written: 20090203175922.000000+060
    Event Type: Informations
    User:

    Computer Name: ACER-36ADEA1256
    Event Code: 0
    Message:
    Record Number: 2118
    Source Name: btwdins
    Time Written: 20090203175922.000000+060
    Event Type: Informations
    User:

    Computer Name: ACER-36ADEA1256
    Event Code: 0
    Message:
    Record Number: 2117
    Source Name: EvtEng
    Time Written: 20090203175913.000000+060
    Event Type: Informations
    User:

    Computer Name: ACER-36ADEA1256
    Event Code: 1517
    Message: Windows a sauvegardé le Registre utilisateur ACER-36ADEA1256\Jeremy alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.


    Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.

    Record Number: 2116
    Source Name: Userenv
    Time Written: 20090202225330.000000+060
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\Wireless\Bin\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
    "PROCESSOR_REVISION"=0e08
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP

    -----------------EOF-----------------


    7 March 2009 19:02:51

    It's not quite clean yet.

    Download MalwareByte's Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.
  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (Perform full scan).
  • To start the scan, click "Rechercher" (Scan).
  • Once the scan has finished, a window opens; click OK. There are two possibilities:

    ~ If the program found nothing, press OK. A report will appear; close it.
    ~~ If infections are present, click "Afficher les résultats" (Show Results), then "Supprimer la sélection" (Remove Selected). Save the report to your Desktop.
    ~~~~ Restart your computer normally and post the report in your next reply.

    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    Note: If you cannot download MBAM from MajorGeeks, you can download it here!

    Help:
  • How to use MBAM.
  • How to start your computer in safe mode.

    8 March 2009 12:54:50

    Malwarebytes' Anti-Malware 1.34
    Version de la base de données: 1826
    Windows 5.1.2600 Service Pack 3

    08/03/2009 12:39:33
    mbam-log-2009-03-08 (12-39-33).txt

    Type de recherche: Examen complet (C:\|D:\|G:\|)
    Eléments examinés: 132531
    Temps écoulé: 20 minute(s), 52 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Printspooler (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)


    Here is the report.
    Is that it, is my PC completely clean??

    8 March 2009 19:25:55

    Run another RSIT scan to see.

    9 March 2009 18:16:09

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Jeremy at 2009-03-09 18:13:58
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 21 GB (38%) free of 55 GB
    Total RAM: 2046 MB (71% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:14:03, on 09/03/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Acer\Empowering Technology\admServ.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
    C:\Documents and Settings\Jeremy\Bureau\RSIT.exe
    C:\Program Files\trend micro\Jeremy.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\system32\ToolBand.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [drvsyskit] C:\Documents and Settings\Jeremy\Application Data\drivers\winupgro.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=...
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

    --
    End of file - 10495 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - Acer eDataSecurity Management - C:\WINDOWS\system32\ToolBand.dll [2005-10-19 94208]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"=Alaunch []
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-11-16 15600128]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-11-02 102491]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-11-02 692315]
    "PCMService"=C:\Program Files\Acer\Acer Arcade\PCMService.exe [2005-12-02 151552]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
    "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-12 45056]
    "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2005-10-19 69632]
    "ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-01-17 344064]
    "Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2006-01-16 3080192]
    "LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2005-12-06 458752]
    "eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2009-03-07 397312]
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-11-30 225280]
    "LogitechCameraAssistant"=C:\Program Files\Acer\OrbiCam\CameraAssistant.exe [2005-11-29 438272]
    "LogitechVideo[inspector]"=C:\Program Files\Acer\OrbiCam\InstallHelper.exe [2005-11-29 73728]
    "LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
    "ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-10-24 2462208]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2004-08-20 45056]
    "UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2009-03-07 15872]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2009-03-07 190024]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088]
    "drvsyskit"=C:\Documents and Settings\Jeremy\Application Data\drivers\winupgro.exe []
    "MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2009-03-07 190024]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2006-01-04 61440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableLUA"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Acer\Acer Arcade\PCMService.exe"="C:\Program Files\Acer\Acer Arcade\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\EA GAMES\Medal of Honor Batailles du Pacifique(tm)\mohpa.exe"="C:\Program Files\EA GAMES\Medal of Honor Batailles du Pacifique(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
    "C:\Program Files\Capcom\MotoGP 08\Launcher.exe"="C:\Program Files\Capcom\MotoGP 08\Launcher.exe:*:Enabled:MotoGP 08"
    "C:\Program Files\spoolsvt.exe"="C:\Program Files\spoolsvt.exe:*:Enabled:p rint Spooler"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======List of files/folders created in the last 1 months======

    2009-03-08 11:53:04 ----D---- C:\Documents and Settings\Jeremy\Application Data\Malwarebytes
    2009-03-08 11:52:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-03-08 11:52:59 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-03-07 15:50:33 ----D---- C:\Program Files\trend micro
    2009-03-07 15:50:32 ----D---- C:\rsit
    2009-03-07 15:24:31 ----D---- C:\Program Files\Microsoft
    2009-03-07 15:23:29 ----D---- C:\Program Files\Windows Live SkyDrive
    2009-03-07 15:15:15 ----D---- C:\Program Files\Fichiers communs\Windows Live
    2009-03-07 14:55:09 ----D---- C:\Program Files\MessengerPlus! 3
    2009-03-07 14:38:06 ----D---- C:\Documents and Settings\Jeremy\Application Data\c5
    2009-03-07 14:35:25 ----D---- C:\Documents and Settings\Jeremy\Application Data\c3
    2009-03-07 14:34:28 ----D---- C:\Program Files\Avira
    2009-03-07 14:34:28 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-03-07 14:34:05 ----D---- C:\Documents and Settings\Jeremy\Application Data\c2
    2009-03-07 14:32:44 ----D---- C:\Documents and Settings\Jeremy\Application Data\c1
    2009-03-07 14:27:11 ----HD---- C:\Documents and Settings\Jeremy\Application Data\drivers
    2009-03-07 14:20:26 ----A---- C:\FindyKill2.txt
    2009-03-07 14:15:55 ----A---- C:\FindyKill.txt
    2009-03-06 18:47:32 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-03-06 18:28:18 ----D---- C:\Program Files\FindyKill
    2009-03-05 15:22:22 ----A---- C:\WINDOWS\gmer_uninstall.cmd
    2009-03-05 15:22:13 ----A---- C:\WINDOWS\gmer.exe
    2009-03-03 17:54:27 ----D---- C:\Program Files\Unlocker
    2009-03-03 17:40:08 ----SHD---- C:\FOUND.001
    2009-03-03 17:19:39 ----A---- C:\WINDOWS\msnfix.txt
    2009-02-25 22:34:04 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZisn12.dll
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZipt12.dll
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZipr12.dll
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZipm12.exe
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZinw12.exe
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZidr12.dll
    2009-02-20 18:30:12 ----D---- C:\Program Files\HP
    2009-02-20 18:27:35 ----HD---- C:\Config.Msi
    2009-02-20 18:26:07 ----RA---- C:\WINDOWS\system32\HPZIDS01.dll
    2009-02-20 18:25:59 ----A---- C:\WINDOWS\system32\hpz3l054.dll
    2009-02-16 11:21:21 ----D---- C:\Documents and Settings\All Users\Application Data\Raxco
    2009-02-16 11:21:20 ----D---- C:\Program Files\Raxco
    2009-02-12 17:55:44 ----HD---- C:\WINDOWS\$NtUninstallKB960715$

    ======List of files/folders modified in the last 1 months======

    2009-03-09 17:54:52 ----A---- C:\WINDOWS\win.ini
    2009-03-09 17:54:34 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
    2009-03-08 23:04:46 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-03-07 14:19:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-03-01 10:35:24 ----A---- C:\WINDOWS\system32\eRLog.ini
    2009-02-12 17:55:48 ----A---- C:\WINDOWS\imsins.BAK

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-07 75072]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
    R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-07-19 21275]
    R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
    R2 DefragFS;DefragFS; C:\WINDOWS\system32\drivers\DefragFS.sys [2009-01-09 71184]
    R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2004-07-21 9856]
    R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
    R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
    R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
    R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
    R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
    R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-04 1420288]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2005-04-05 132352]
    R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2005-12-02 854826]
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
    R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2004-02-12 3968]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-11-08 997376]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-11-08 202240]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-11-17 4069888]
    R3 lv321av;Logitech USB PC Camera (VC0321); C:\WINDOWS\System32\Drivers\lv321av.sys [2005-11-30 1088896]
    R3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
    R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-11-30 39424]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2005-09-13 4392]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2003-04-05 6144]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2004-12-09 46592]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-11-02 191456]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-06-22 162176]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-11-26 1427968]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-11-08 723712]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    S3 AVerM115;AVerM115 service; C:\WINDOWS\system32\DRIVERS\AVerM115.sys [2005-08-24 692992]
    S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2005-12-02 328141]
    S3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2005-12-02 30363]
    S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2005-12-02 148488]
    S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-12-02 65016]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys []
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
    S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]
    S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2005-08-03 32512]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SMCB000;SMSC CIR HID Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\hidsmsc.sys [2005-12-06 15744]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\admServ.exe [2005-10-24 1314816]
    R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2005-12-02 266295]
    R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe [2005-12-02 254050]
    R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe [2005-12-02 114784]
    R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe [2005-12-02 61440]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2005-11-30 81920]
    R2 PDAgent;PDAgent; C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe [2009-01-13 918792]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-01-21 143360]
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 PDEngine;PDEngine; C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe [2009-01-13 1021192]
    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2005-08-03 86016]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-01-04 405504]

    -----------------EOF-----------------

    Here is the latest scan
    9 March 2009 18:59:55

    We'll go at it with ComboFix.
    11 March 2009 21:39:21

    Where do I find it?

    Because from my quick searches on the net, you need to know what you're doing to run ComboFix, don't you?
    12 March 2009 17:06:35

    My bad, I forgot the procedure xD

    Download ComboFix (by sUBs) to your Desktop.

  • Temporarily disable all resident protection! (Antivirus, antispyware...)
  • Double-click ComboFix.exe.
  • Accept the license by clicking Yes.
  • The program will ask whether you want to install the Recovery Console. It's a precaution in case the computer breaks down. So I recommend installing it; it costs nothing and could potentially come in handy!
  • When the operation is finished, a report will appear. Post this report in your next reply.

    The report is located here: %SystemDrive%\ComboFix.txt (%systemdrive% being the partition where Windows is installed; usually C:\)

    Help: How to use ComboFix.
    15 March 2009 11:51:33

    Hello
    I can't manage to use ComboFix
    When I click on it a small window opens and loads, then an error message appears saying that all the files could not be created and that I must restart. So I restarted, but nothing changes
    15 March 2009 12:46:36

    Re,

    We'll do it another way then.

    Download OTMoveIt3 (by OldTimer). Save it to your Desktop.
    Copy (Ctrl+C) the text in the box below:

    :processes
    explorer.exe

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "drvsyskit"=-

    :files
    c:\temp1\*.txt /s
    C:\Documents and Settings\Jeremy\Application Data\drivers
    C:\FOUND.?

    :commands
    [emptytemp]
    [start explorer]
    [reboot]


    Double-click OTMoveIt3.exe to launch it.
    Paste (or Ctrl+V) the previously copied text into the Paste Instructions for Items to be Moved box.
    Now click the MoveIt! button, then close OTMoveIt3.

    If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

    Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    The report's name corresponds to the time it was created: date_time.log
    15 March 2009 13:10:19

    Here is the report:

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\\ deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\drvsyskit deleted successfully.
    ========== FILES ==========
    File/Folder c:\temp1\*.txt not found.
    C:\Documents and Settings\Jeremy\Application Data\drivers\downld moved successfully.
    C:\Documents and Settings\Jeremy\Application Data\drivers moved successfully.
    File/Folder C:\FOUND.? not found.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\Jeremy\LOCALS~1\Temp\Perflib_Perfdata_5b4.dat scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Jeremy\LOCALS~1\Temp\Perflib_Perfdata_fa0.dat scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Jeremy\LOCALS~1\Temp\Perflib_Perfdata_f88.dat scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\CLML_AGENT_LOG1.txt scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\sqlite_NmtibA945O1QnJs scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03152009_130112

    Files moved on Reboot...
    File C:\DOCUME~1\Jeremy\LOCALS~1\Temp\Perflib_Perfdata_5b4.dat not found!
    File C:\DOCUME~1\Jeremy\LOCALS~1\Temp\Perflib_Perfdata_fa0.dat not found!
    File C:\DOCUME~1\Jeremy\LOCALS~1\Temp\Perflib_Perfdata_f88.dat not found!
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
    C:\WINDOWS\temp\CLML_AGENT_LOG1.txt moved successfully.
    File C:\WINDOWS\temp\sqlite_NmtibA945O1QnJs not found!
    15 March 2009 13:33:08

    Run another RSIT scan so we can see.
    15 March 2009 14:11:23

    Here it is

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Jeremy at 2009-03-15 14:10:23
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 18 GB (33%) free of 55 GB
    Total RAM: 2046 MB (65% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:10:27, on 15/03/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Acer\Empowering Technology\admServ.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Jeremy\Bureau\RSIT.exe
    C:\Program Files\trend micro\Jeremy.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\system32\ToolBand.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A622A24D-4463-4C43-A78D-C56CC37E1603}: NameServer = 192.168.1.1
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

    --
    End of file - 10506 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - Acer eDataSecurity Management - C:\WINDOWS\system32\ToolBand.dll [2005-10-19 94208]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"=Alaunch []
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-11-16 15600128]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-11-02 102491]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-11-02 692315]
    "PCMService"=C:\Program Files\Acer\Acer Arcade\PCMService.exe [2005-12-02 151552]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
    "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-12 45056]
    "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2005-10-19 69632]
    "ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-01-17 344064]
    "Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2006-01-16 3080192]
    "LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2005-12-06 458752]
    "eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2009-03-07 397312]
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-11-30 225280]
    "LogitechCameraAssistant"=C:\Program Files\Acer\OrbiCam\CameraAssistant.exe [2005-11-29 438272]
    "LogitechVideo[inspector]"=C:\Program Files\Acer\OrbiCam\InstallHelper.exe [2005-11-29 73728]
    "LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
    "ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-10-24 2462208]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2004-08-20 45056]
    "UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2009-03-07 15872]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2009-03-07 190024]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088]
    "MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2009-03-07 190024]
    "eMuleAutoStart"=C:\Program Files\eMule\emule.exe [2008-05-11 5423104]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2006-01-04 61440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableLUA"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Acer\Acer Arcade\PCMService.exe"="C:\Program Files\Acer\Acer Arcade\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\EA GAMES\Medal of Honor Batailles du Pacifique(tm)\mohpa.exe"="C:\Program Files\EA GAMES\Medal of Honor Batailles du Pacifique(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
    "C:\Program Files\Capcom\MotoGP 08\Launcher.exe"="C:\Program Files\Capcom\MotoGP 08\Launcher.exe:*:Enabled:MotoGP 08"
    "C:\Program Files\spoolsvt.exe"="C:\Program Files\spoolsvt.exe:*:Enabled:p rint Spooler"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    ======List of files/folders created in the last 1 months======

    2009-03-15 13:01:13 ----D---- C:\_OTMoveIt
    2009-03-15 11:50:13 ----D---- C:\32788R22FWJFW
    2009-03-15 11:28:20 ----D---- C:\Qoobox
    2009-03-15 11:28:19 ----A---- C:\Bug.txt
    2009-03-15 11:28:17 ----A---- C:\WINDOWS\system32\cmd.execf
    2009-03-14 08:23:43 ----HD---- C:\WINDOWS\$NtUninstallKB960225$
    2009-03-14 08:23:25 ----HD---- C:\WINDOWS\$NtUninstallKB958690$
    2009-03-14 08:20:44 ----SHD---- C:\FOUND.002
    2009-03-11 22:33:55 ----HD---- C:\WINDOWS\$NtUninstallKB959772_WM11$
    2009-03-08 11:53:04 ----D---- C:\Documents and Settings\Jeremy\Application Data\Malwarebytes
    2009-03-08 11:52:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-03-08 11:52:59 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-03-07 15:50:33 ----D---- C:\Program Files\trend micro
    2009-03-07 15:50:32 ----D---- C:\rsit
    2009-03-07 15:24:31 ----D---- C:\Program Files\Microsoft
    2009-03-07 15:23:29 ----D---- C:\Program Files\Windows Live SkyDrive
    2009-03-07 15:15:15 ----D---- C:\Program Files\Fichiers communs\Windows Live
    2009-03-07 14:55:09 ----D---- C:\Program Files\MessengerPlus! 3
    2009-03-07 14:38:06 ----D---- C:\Documents and Settings\Jeremy\Application Data\c5
    2009-03-07 14:35:25 ----D---- C:\Documents and Settings\Jeremy\Application Data\c3
    2009-03-07 14:34:28 ----D---- C:\Program Files\Avira
    2009-03-07 14:34:28 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2009-03-07 14:34:05 ----D---- C:\Documents and Settings\Jeremy\Application Data\c2
    2009-03-07 14:32:44 ----D---- C:\Documents and Settings\Jeremy\Application Data\c1
    2009-03-07 14:20:26 ----A---- C:\FindyKill2.txt
    2009-03-07 14:15:55 ----A---- C:\FindyKill.txt
    2009-03-06 18:47:32 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-03-06 18:28:18 ----D---- C:\Program Files\FindyKill
    2009-03-05 15:22:22 ----A---- C:\WINDOWS\gmer_uninstall.cmd
    2009-03-05 15:22:13 ----A---- C:\WINDOWS\gmer.exe
    2009-03-03 17:54:27 ----D---- C:\Program Files\Unlocker
    2009-03-03 17:40:08 ----SHD---- C:\FOUND.001
    2009-03-03 17:19:39 ----A---- C:\WINDOWS\msnfix.txt
    2009-02-25 22:34:04 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZisn12.dll
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZipt12.dll
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZipr12.dll
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZipm12.exe
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZinw12.exe
    2009-02-20 18:31:28 ----A---- C:\WINDOWS\system32\HPZidr12.dll
    2009-02-20 18:30:12 ----D---- C:\Program Files\HP
    2009-02-20 18:27:35 ----HD---- C:\Config.Msi
    2009-02-20 18:26:07 ----RA---- C:\WINDOWS\system32\HPZIDS01.dll
    2009-02-20 18:25:59 ----A---- C:\WINDOWS\system32\hpz3l054.dll
    2009-02-16 11:21:21 ----D---- C:\Documents and Settings\All Users\Application Data\Raxco
    2009-02-16 11:21:20 ----D---- C:\Program Files\Raxco

    ======List of files/folders modified in the last 1 months======

    2009-03-15 13:05:02 ----A---- C:\WINDOWS\win.ini
    2009-03-15 13:04:42 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
    2009-03-15 13:02:42 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-03-14 08:23:40 ----A---- C:\WINDOWS\imsins.BAK
    2009-03-07 14:19:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-03-01 10:35:24 ----A---- C:\WINDOWS\system32\eRLog.ini
    2009-02-25 12:55:00 ----A---- C:\WINDOWS\system32\MRT.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-07 75072]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
    R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-07-19 21275]
    R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
    R2 DefragFS;DefragFS; C:\WINDOWS\system32\drivers\DefragFS.sys [2009-01-09 71184]
    R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2004-07-21 9856]
    R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
    R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
    R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
    R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
    R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
    R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
    R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-04 1420288]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2005-04-05 132352]
    R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2005-12-02 854826]
    R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
    R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2004-02-12 3968]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-11-08 997376]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-11-08 202240]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-11-17 4069888]
    R3 lv321av;Logitech USB PC Camera (VC0321); C:\WINDOWS\System32\Drivers\lv321av.sys [2005-11-30 1088896]
    R3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
    R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-11-30 39424]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2005-09-13 4392]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2003-04-05 6144]
    R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
    R3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2004-12-09 46592]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-11-02 191456]
    R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-06-22 162176]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-11-26 1427968]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-11-08 723712]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
    S3 AVerM115;AVerM115 service; C:\WINDOWS\system32\DRIVERS\AVerM115.sys [2005-08-24 692992]
    S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2005-12-02 328141]
    S3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2005-12-02 30363]
    S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2005-12-02 148488]
    S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-12-02 65016]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys []
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
    S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]
    S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2005-08-03 32512]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SMCB000;SMSC CIR HID Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\hidsmsc.sys [2005-12-06 15744]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
    R2 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\admServ.exe [2005-10-24 1314816]
    R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2005-12-02 266295]
    R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe [2005-12-02 254050]
    R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe [2005-12-02 114784]
    R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe [2005-12-02 61440]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
    R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2005-11-30 81920]
    R2 PDAgent;PDAgent; C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe [2009-01-13 918792]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-01-21 143360]
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 PDEngine;PDEngine; C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe [2009-01-13 1021192]
    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2005-08-03 86016]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-01-04 405504]

    -----------------EOF--------
    15 March 2009 15:17:47

    Is your PC behaving better?
    15 March 2009 19:05:24

    Yes, I no longer have any problems.

    Is it clean?? No more squatters??
    16 March 2009 17:25:12

    It should be fine.
    16 March 2009 18:24:24

    OK, well, I don't have any more problems, so it must be fine.

    Thanks for all the time you spent, Angeldark.

    If there's anything I can do to help you, don't hesitate.
    16 March 2009 19:08:54

    Happy surfing ;)