Se connecter / S'enregistrer
Votre question

Mon pc part en ****

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
10 Novembre 2008 22:42:45

Bonsoir à tous, voila depuis peu, je rencontre pas mal de soucis ( impossibilité de mettre à jour mes drivers, impossibilité d'installer des jeux et clés en grand nombre du nom de erkkilantie dans mon registre, quelqu'un sait comment toutes les supprimer ? )

Pourtant, pas d'infections, j'utilise très peu mon pc ( jeux et production musicale ) et j'ai de bonnes protections, Avg + batterie d'anti-spywares....

Je m'en remets donc à vous pour rétablir l'ordre :) 

Voici mon scan HijackThis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:39:39, on 10/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\ATI\SUPPORT\8-10_xp32_dd_ccc_wdm_enu_69561\setup.exe
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\Rar$EX00.453\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.121.124.125 eu.logon.worldofwarcraft.com
O2 - BHO: {9713f01e-3b3c-71fa-2364-3a98bb4c5020} - {0205c4bb-89a3-4632-af17-c3b3e10f3179} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5F11D5D5-3FB2-4ADD-84AD-D69BC9A5D312} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {8EBA3594-FE81-4310-9730-29AFC428DA4D} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036 -noicon
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [c8d26e29] rundll32.exe "C:\WINDOWS\system32\tqfakiun.dll",b
O4 - HKLM\..\Run: [BMcbe15db5] Rundll32.exe "C:\WINDOWS\system32\emrmncav.dll",s
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.1.2.76.ca...
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_P...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: jkkKebYq - jkkKebYq.dll (file missing)
O20 - Winlogon Notify: mlJYpPIB - mlJYpPIB.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 12039 bytes


Merci d'avance :) 

Autres pages sur : part

10 Novembre 2008 23:38:33

Ah je précise aussi, j'ai comme beaucoup des clés du nom de erkkilantie donc dans mon registre ( une centaine de milliers ), seul moyen de les supprimer, utiliser RegSeeker et attendre....attendre....attendre....lol

Merci d'avance pour votre aide ( oui quasiment impossible d'utiliser mon pc là )
11 Novembre 2008 01:09:41

Salut Phomos


-Télécharge et installe MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

- Mets le à jour

---

- Redémarre en mode sans échec :

Au redémarrage de ton PC tapote sur la touche F8 ou F5 sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur

---

- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher

- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

- Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport avec un nouveau rapport HijackThis.

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Tutoriel pour MalwareByte's ici :
http://www.malekal.com/tutorial_MalwareBytes_AntiMalwar...


@++
Contenus similaires
11 Novembre 2008 09:32:43

Bonjour,

Poste pour suivre.

;) 
11 Novembre 2008 09:48:13

Bonjour à tous, merci je vais reboot en mode sans échec et vous tenir au courant.

Merci.
11 Novembre 2008 11:45:04

Alors voici mes différents scans, problème, un spy qui lance deux fichiers au démarrage ( tqfakiun.dll et emrmncav.dll ) continue à me foutre ses messages alors que j'ai tout fait : suppression du fichier dans la base de registre, sur msconfig, avec Malware Byte's....Aucun moyen il revient toujours :s

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:42:00, on 11/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\Rar$EX00.406\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.121.124.125 eu.logon.worldofwarcraft.com
O2 - BHO: {9713f01e-3b3c-71fa-2364-3a98bb4c5020} - {0205c4bb-89a3-4632-af17-c3b3e10f3179} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {8EBA3594-FE81-4310-9730-29AFC428DA4D} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [c8d26e29] rundll32.exe "C:\WINDOWS\system32\tqfakiun.dll",b
O4 - HKLM\..\Run: [BMcbe15db5] Rundll32.exe "C:\WINDOWS\system32\emrmncav.dll",s
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.1.2.76.ca...
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_P...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: jkkKebYq - jkkKebYq.dll (file missing)
O20 - Winlogon Notify: mlJYpPIB - mlJYpPIB.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 11484 bytes

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1306
Windows 5.1.2600 Service Pack 3

11/11/2008 11:33:50
mbam-log-2008-11-11 (11-33-45).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 154524
Temps écoulé: 1 hour(s), 15 minute(s), 34 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 11
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 13

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5f11d5d5-3fb2-4add-84ad-d69bc9a5d312} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{5f11d5d5-3fb2-4add-84ad-d69bc9a5d312} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bmcbe15db5 (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\c8d26e29 (Trojan.Vundo) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\gebqkdsi -> No action taken.

Dossier(s) infecté(s):
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Fichier(s) infecté(s):
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP1445\A1359616.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP1388\A1353241.DLL (Adware.MyWebSearch) -> No action taken.
C:\WINDOWS\system32\emrmncav.VIR (Trojan.Vundo) -> No action taken.


Merci :) 
11 Novembre 2008 12:55:38

Salut Phomos


J'aurais du lire Quarantined and deleted successfully et non No action taken, tu as bien cliquer sur Supprimer la sélection?


-----


Je te fais passer un autre scan, télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
  • Double-clique sur RSIT.exe afin de lancer RSIT.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  • NB : Les rapports sont sauvegardés dans le dossier C:\rsit
  • Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.


    @++
    11 Novembre 2008 13:00:30

    Oui bizarre j'ai bien supprimé avec Malware, j'ai même du reboot pour supprimer des fichiers.

    Voici le log.txt :

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by HP_Propriétaire at 2008-11-11 12:59:15
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 13 GB (7%) free of 185 GB
    Total RAM: 1023 MB (39% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:59:44, on 11/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\keyhook.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
    C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\VideoLAN\VLC\vlc.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Documents and Settings\HP_Propriétaire\Mes documents\Mes Applications\RegSeeker\RegSeeker.exe
    C:\Documents and Settings\HP_Propriétaire\Bureau\RSIT.exe
    C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\Rar$EX00.406\HP_Propriétaire.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 91.121.124.125 eu.logon.worldofwarcraft.com
    O2 - BHO: {9713f01e-3b3c-71fa-2364-3a98bb4c5020} - {0205c4bb-89a3-4632-af17-c3b3e10f3179} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {8EBA3594-FE81-4310-9730-29AFC428DA4D} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
    O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [c8d26e29] rundll32.exe "C:\WINDOWS\system32\tqfakiun.dll",b
    O4 - HKLM\..\Run: [BMcbe15db5] Rundll32.exe "C:\WINDOWS\system32\emrmncav.dll",s
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.1.2.76.ca...
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_P...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: avgrsstx.dll
    O20 - Winlogon Notify: jkkKebYq - jkkKebYq.dll (file missing)
    O20 - Winlogon Notify: mlJYpPIB - mlJYpPIB.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

    --
    End of file - 11748 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Nettoyage de disque.job
    C:\WINDOWS\tasks\Symantec NetDetect.job
    C:\WINDOWS\tasks\Synchroniser.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0205c4bb-89a3-4632-af17-c3b3e10f3179}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-10-26 455960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8EBA3594-FE81-4310-9730-29AFC428DA4D}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
    FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2007-05-16 191096]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
    "Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 233472]
    "SiS Windows KeyHook"=C:\WINDOWS\system32\keyhook.exe [2004-05-20 249856]
    "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-06-29 88363]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-04-06 90112]
    "AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2005-04-06 2805248]
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
    "KBD"=C:\HP\KBD\KBD.EXE [2005-02-02 61440]
    "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2007-01-19 49152]
    "D-Link D-Link Wireless G DWA-110"=C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe [2007-05-04 1662976]
    "Autoconfigurateur WiFi Neuf"=C:\Program Files\Neuf\Kit\WiFi\9wifi.exe [2008-03-18 287984]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-10-26 1234712]
    "c8d26e29"=C:\WINDOWS\system32\tqfakiun.dll []
    "BMcbe15db5"=C:\WINDOWS\system32\emrmncav.dll []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
    "Acme.PCHButton"=C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe [2004-01-01 159744]
    "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acme.PCHButton]
    C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe [2004-01-01 159744]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMcbe15db5]
    C:\WINDOWS\system32\emrmncav.dll []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c8d26e29]
    C:\WINDOWS\system32\tqfakiun.dll []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IziLock]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
    C:\Program Files\Logitech\Video\ManifestEngine.exe [2004-10-08 196608]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
    C:\Program Files\Logitech\Video\ISStart.exe [2004-10-08 458752]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
    C:\Program Files\Logitech\Video\LogiTray.exe [2004-10-08 217088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    C:\Program Files\Skype\Phone\Skype.exe [2007-09-13 22880040]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Survey Companion]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
    C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
    C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2005-09-24 450560]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
    C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^DAEMON Tools.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^MSN Pictures Displayer.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.0.lnk]
    []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="avgrsstx.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2008-06-03 139264]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxsrvc.dll [2004-08-03 344064]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkKebYq]
    jkkKebYq.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\mlJYpPIB]
    mlJYpPIB.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=FFFFFFFF
    "NoDriveTypeAutoRun"=36

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:HP Software Update Client"
    "C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Messenger"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
    "C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
    "C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\World of Warcraft\Repair.exe"="C:\Program Files\World of Warcraft\Repair.exe:*:Enabled:Blizzard Repair Utility"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\SFR\Media Center\httpd\httpd.exe"="C:\Program Files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR)"
    "C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{611de187-7f1e-11db-9f00-00112f21d84e}]
    shell\AutoRun\command - K:\OblivionLauncher.exe


    ======File associations======

    .js - edit - C:\WINDOWS\system32\Notepad.exe %1
    .js - open - C:\WINDOWS\system32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2008-11-11 12:59:15 ----D---- C:\rsit
    2008-11-11 12:32:35 ----A---- C:\Documents and Settings\All Users\Application Data\vlc-0.9.6-win32.exe
    2008-11-11 10:13:40 ----D---- C:\Program Files\DAEMON Tools Lite
    2008-11-11 09:59:52 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\DAEMON Tools
    2008-11-10 22:13:51 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-11-10 19:45:27 ----A---- C:\WINDOWS\system32\xa3624828.exe
    2008-11-10 19:45:26 ----A---- C:\WINDOWS\system32\xa3624218.exe
    2008-11-10 19:40:26 ----A---- C:\WINDOWS\system32\xa3324250.exe
    2008-11-10 19:40:25 ----A---- C:\WINDOWS\system32\xa3322859.exe
    2008-11-02 19:27:26 ----D---- C:\Program Files\Pcsx2_0.9.4
    2008-10-30 21:31:02 ----A---- C:\WINDOWS\system32\psisdecd.dll
    2008-10-30 21:30:59 ----A---- C:\WINDOWS\system32\dxdllreg.exe
    2008-10-30 21:15:11 ----D---- C:\Program Files\Microsoft Games
    2008-10-30 21:01:18 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Ubisoft
    2008-10-30 21:01:18 ----D---- C:\Documents and Settings\All Users\Application Data\Ubisoft
    2008-10-30 10:54:34 ----D---- C:\Program Files\UnZixWin
    2008-10-30 10:54:22 ----N---- C:\WINDOWS\Setup1.exe
    2008-10-30 10:54:16 ----A---- C:\WINDOWS\ST6UNST.EXE
    2008-10-29 12:03:28 ----A---- C:\WINDOWS\system32\DivXc32f.dll
    2008-10-29 12:03:28 ----A---- C:\WINDOWS\system32\DivXc32.dll
    2008-10-29 12:03:13 ----A---- C:\WINDOWS\system32\xvid.dll
    2008-10-29 12:02:40 ----D---- C:\Program Files\MPEG4 Direct Maker
    2008-10-28 16:19:14 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\XRay Engine
    2008-10-27 13:03:37 ----D---- C:\Program Files\SFR
    2008-10-27 10:16:34 ----HD---- C:\$AVG8.VAULT$
    2008-10-26 21:55:37 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2008-10-26 21:55:16 ----D---- C:\Program Files\AVG
    2008-10-26 21:55:15 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2008-10-24 15:03:05 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\SPORE
    2008-10-23 22:29:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-22 16:31:26 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2008-10-22 16:31:26 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2008-10-22 16:31:25 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2008-10-22 16:31:23 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2008-10-22 16:31:22 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2008-10-22 16:31:22 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2008-10-22 16:31:21 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
    2008-10-22 16:31:21 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2008-10-22 16:31:20 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
    2008-10-22 16:31:20 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
    2008-10-22 16:31:19 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
    2008-10-22 16:31:19 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
    2008-10-22 16:31:18 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
    2008-10-22 16:30:04 ----D---- C:\WINDOWS\Logs
    2008-10-16 11:59:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-16 11:59:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-16 11:58:56 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-16 11:57:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-16 11:56:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

    ======List of files/folders modified in the last 1 months======

    2008-11-11 12:59:44 ----D---- C:\WINDOWS\Temp
    2008-11-11 12:59:23 ----D---- C:\WINDOWS\Prefetch
    2008-11-11 11:39:39 ----D---- C:\Program Files\Mozilla Firefox
    2008-11-11 11:36:36 ----D---- C:\WINDOWS\system32\drivers
    2008-11-11 11:36:36 ----D---- C:\WINDOWS\system32
    2008-11-11 11:36:05 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-11 11:34:01 ----AD---- C:\Program Files
    2008-11-11 11:34:00 ----D---- C:\WINDOWS
    2008-11-11 11:23:41 ----RASH---- C:\boot.ini
    2008-11-11 11:23:41 ----A---- C:\WINDOWS\win.ini
    2008-11-11 11:23:41 ----A---- C:\WINDOWS\system.ini
    2008-11-11 10:13:55 ----HD---- C:\WINDOWS\inf
    2008-11-11 10:13:50 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-11 09:57:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-11-11 09:57:25 ----SHD---- C:\RECYCLER
    2008-11-11 09:57:25 ----D---- C:\Documents and Settings
    2008-11-11 09:55:20 ----D---- C:\Program Files\DAEMON Tools
    2008-11-10 22:30:27 ----HD---- C:\WINDOWS\msdownld.tmp
    2008-11-10 22:14:00 ----SHD---- C:\WINDOWS\Installer
    2008-11-10 22:14:00 ----HD---- C:\Config.Msi
    2008-11-10 22:08:37 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-11-10 22:07:31 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Adobe
    2008-11-10 22:02:52 ----D---- C:\WINDOWS\system32\DirectX
    2008-11-10 21:36:50 ----D---- C:\Program Files\Fichiers communs\InstallShield
    2008-11-10 20:48:02 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-11-10 20:23:43 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Azureus
    2008-11-10 18:15:12 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2008-11-09 22:03:34 ----D---- C:\WINDOWS\WinSxS
    2008-11-09 22:01:25 ----D---- C:\Program Files\Fichiers communs\Adobe
    2008-11-09 21:23:50 ----D---- C:\Program Files\VirtualDub
    2008-11-07 23:33:20 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-11-07 08:21:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-11-05 01:36:53 ----D---- C:\WINDOWS\Help
    2008-11-04 14:19:09 ----D---- C:\Program Files\Mozilla Thunderbird
    2008-11-03 10:22:47 ----A---- C:\Documents and Settings\All Users\Application Data\vlc-0.9.4-win32.exe
    2008-10-30 21:31:51 ----RSD---- C:\WINDOWS\assembly
    2008-10-30 21:05:38 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-10-26 08:23:47 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-23 22:28:17 ----HD---- C:\WINDOWS\$hf_mig$
    2008-10-22 17:10:50 ----D---- C:\Program Files\eMule
    2008-10-21 17:45:24 ----D---- C:\WINDOWS\Registration
    2008-10-20 15:14:36 ----D---- C:\WINDOWS\Debug
    2008-10-17 18:23:42 ----D---- C:\WINDOWS\system32\wbem
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
    2008-10-16 14:08:06 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-10-16 14:07:32 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\muweb.dll
    2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-10-16 14:06:40 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-10-16 11:58:44 ----D---- C:\Program Files\Internet Explorer
    2008-10-15 17:35:43 ----A---- C:\WINDOWS\system32\netapi32.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-10-26 97928]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-10-26 26824]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
    R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2004-07-17 12160]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-10-01 5632]
    R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
    R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []
    R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-10-22 279712]
    R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
    R2 ithsgt;ithsgt; C:\WINDOWS\system32\DRIVERS\ithsgt.sys [2006-08-06 162432]
    R2 lilsgt;lilsgt; C:\WINDOWS\system32\DRIVERS\lilsgt.sys [2006-08-06 12032]
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-10-22 25888]
    R2 STEC3;STEC3; \??\C:\WINDOWS\system32\STEC3.sys []
    R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
    R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-06-03 3100160]
    R3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2004-10-08 326656]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-15 2564032]
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
    R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-12 19072]
    R3 RT73;D-Link USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\Dr71WU.sys [2006-12-21 429440]
    R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 41856]
    S1 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys []
    S3 aomoq8qw;aomoq8qw; C:\WINDOWS\system32\drivers\aomoq8qw.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2006-11-10 10345]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-03-19 51088]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-03-19 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-03-19 21744]
    S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-08-03 730653]
    S3 MBAMDrvService;MBAMDrvService; \??\C:\WINDOWS\system32\drivers\mbam.sys []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2004-07-19 218112]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 SynasUSB;SynasUSB; C:\WINDOWS\system32\drivers\SynasUSB.sys []
    S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2004-05-05 142976]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-06-03 552960]
    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-26 231704]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2007-11-21 66872]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
    R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S2 ANIWZCSdService;ANIWZCSd Service; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2007-01-19 49152]
    S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-06-02 593920]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-03-22 72704]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 268800]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-12-02 654848]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

    -----------------EOF-----------------

    Et le info.txt :

    info.txt logfile of random's system information tool 1.04 2008-11-11 12:59:47

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\Setup.exe"
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\Setup.exe"
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\Setup.exe"
    -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe" -l0x40c -uninst
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Ad-Aware SE Plus-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
    Adobe Premiere Elements 4.0 Templates-->msiexec /I {F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}
    Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
    Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Agere Systems PCI Soft Modem-->agrsmdel
    ANIO Service-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}\Setup.exe"
    ANIWZCS2 Service-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C590030-7469-453E-8589-D15DA9D03F52}\Setup.exe"
    Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x5c3f
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
    Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
    AusLogics Disk Defrag 1.1-->"C:\Program Files\AusLogics Disk Defrag\unins000.exe"
    AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
    Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
    Backburner-->MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379}
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Deckadance-->C:\Program Files\VstPlugins\Deckadance\uninstall.exe
    Desktop-->MsiExec.exe /I{CDEBF9E7-BCEB-43A7-986C-E66377C28ABC}
    Digidesign Pro Tools Documentation 7.3-->C:\Program Files\InstallShield Installation Information\{5369142A-CE72-4516-AF3D-36925016D32F}\setup.exe -runfromtemp -l0x0009 -removeonly
    Digidesign Shared Plug-Ins 7.3-->C:\Program Files\InstallShield Installation Information\{AFE354A5-640F-4A23-94C8-0B441E8967CA}\Setup.exe -runfromtemp -l0x0009 FromUninstall -removeonly
    DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    D-Link Wireless G DWA-110-->C:\Program Files\InstallShield Installation Information\{5F753314-628E-4C13-B8AE-BFA7FD514CBE}\setup.exe -runfromtemp -l0x040c -removeonly
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
    FL Studio 8-->C:\Program Files\Image-Line\FL Studio 8\uninstall.exe
    FlashFXP v3-->"C:\Program Files\FlashFXP\Uninstall.exe" "C:\Program Files\FlashFXP\install.log" -u
    Free Bomb Factory Plug-Ins 7.3-->C:\Program Files\InstallShield Installation Information\{82D48AB1-8E7F-4AA5-A5FA-47FA58A48110}\Setup.exe -runfromtemp -l0x0009 FromUninstall -removeonly
    Free Mp3 Wma Converter V 1.7.3-->"C:\Program Files\Free Audio Pack\unins000.exe"
    GdiplusUpgrade-->MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
    Gothic III-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}\setup.exe" -l0x40c -removeonly
    Help and Support Additions-->C:\PROGRA~1\HELPAN~1\UNWISE.EXE C:\PROGRA~1\HELPAN~1\INSTALL.LOG
    High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
    HijackThis 2.0.2-->"C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\Rar$EX00.453\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
    HP Image Zone 4.2-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Image Zone Plus 4.2-->C:\Program Files\HP\Digital Imaging\{5E1494D4-3562-4FFB-B35C-600F80F6934C}\setup\hpzscr01.exe -datfile hpdscr01.dat
    HP PSC & OfficeJet 4.2-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
    HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
    IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
    InterLok Driver Kit-->MsiExec.exe /X{A15B3CF2-7FB7-4102-BBC9-9680B7F0825F}
    iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
    Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x40c
    Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
    Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
    Logitech VideoCall-->C:\PROGRA~1\Logitech\VIDEOC~1\UNWISE.EXE C:\PROGRA~1\Logitech\VIDEOC~1\INSTALL.LOG
    Macromedia Extension Manager-->MsiExec.exe /I{3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Media Player Classic fr-->"C:\Program Files\Media Player Classic\uninstall.exe"
    Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Mozilla Thunderbird (2.0.0.17)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
    MPEG4 Direct Maker-->C:\PROGRA~1\MPEG4D~1\UNWISE.EXE C:\PROGRA~1\MPEG4D~1\INSTALL.LOG
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    Nero 7 Ultra Edition-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301036}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
    Norton Personal Firewall-->MsiExec.exe /I{3BD0196C-6553-460c-A0C4-90D8AE5D60D2}
    Opera 9.26-->MsiExec.exe /X{FB706A00-C234-4716-AB1F-27DCB192C664}
    overland-->MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
    Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
    PC-Doctor pour Windows-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F7CCFA3-D926-4882-B2A5-A0217ED25597}\Setup.exe"
    PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
    Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" REMOVE
    SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
    Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly
    Samsung PC Studio 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly
    Samsung Samples Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -l0x40c -removeonly
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    SFR - Media Center-->C:\Program Files\SFR\Media Center\uninstall.exe
    Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
    SiS VGA Utilities-->Rundll32 SiSInst.dll,Uninstall VGA,R
    Skype™ 3.5-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
    Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
    UnZixWin Extractor-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\UnZixWin\ST6UNST.LOG"
    VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    VirtualDub 1.6.9 Fr-->C:\Program Files\VirtualDub\UnInstall_VirtualDub.exe
    VLC media player 0.9.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    World of Warcraft-->C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe
    Wow Cartographe 1.07-->C:\Program Files\WowCartographe\uninst.exe

    =====HijackThis Backups=====

    O4 - HKLM\..\Run: [BMcbe15db5] Rundll32.exe "C:\WINDOWS\system32\emrmncav.dll",s
    O4 - HKLM\..\Run: [c8d26e29] rundll32.exe "C:\WINDOWS\system32\tqfakiun.dll",b

    ======Hosts File======

    127.0.0.1 localhost
    ::1 localhost
    91.121.124.125 eu.logon.worldofwarcraft.com
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com

    ======Security center information======

    AV: AVG Anti-Virus Free

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;c:\Python22;C:\Program Files\PC-Doctor for Windows\services;C:\Program Files\Fichiers communs\Autodesk Shared;C:\Program Files\backburner 2;C:\Program Files\Autodesk\backburner;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
    "PROCESSOR_REVISION"=0304
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

    -----------------EOF-----------------



    Merci :) 
    12 Novembre 2008 00:31:48

    Salut Phomos


    Important Désactive TeaTimer le résident de Spybot :

    - Démarre Spybot clique sur Mode coche Mode avancé
    - A gauche clique sur Outils ==> Résident

    - Décoche la case devant Résident "TeaTimer"



    - Quitte Spybot


    -----

    1) Relance HijackThis (clique droit -> lancer en tant qu'adminstrateur sous Vista), clique sur "do a system scan only", coche ces lignes ( si présentes ) :

    O1 - Hosts: 91.121.124.125 eu.logon.worldofwarcraft.com >> Ne fixe cette ligne que si ce n'est pas toi qui a mis cette ligne dans ton fichier host.
    O2 - BHO: {9713f01e-3b3c-71fa-2364-3a98bb4c5020} - {0205c4bb-89a3-4632-af17-c3b3e10f3179} - (no file)
    O2 - BHO: (no name) - {8EBA3594-FE81-4310-9730-29AFC428DA4D} - (no file)
    O4 - HKLM\..\Run: [c8d26e29] rundll32.exe "C:\WINDOWS\system32\tqfakiun.dll",b
    O4 - HKLM\..\Run: [BMcbe15db5] Rundll32.exe "C:\WINDOWS\system32\emrmncav.dll",s
    O20 - Winlogon Notify: jkkKebYq - jkkKebYq.dll (file missing)
    O20 - Winlogon Notify: mlJYpPIB - mlJYpPIB.dll (file missing)

    Ferme toutes les applications en cours (particulièrement ton navigateur Internet).
    Puis Fix Checked ! N.B : Il est très important de fermer toutes les applications en cours et de se déconnecter d'internet pour fixer avec hijackthis au risque d'interférer avec les résultats de la manip'.

    2) On va maintenant devoir modifier le registre. Modifier le registre peut se révéler être très dangereux, c'est pourquoi nous allons créer une sauvegarde du registre avant d'effectuer nos modifications. Ainsi, en cas de souci, il n'y aura qu'à restaurer.

    Merci de procéder EXACTEMENT comme décrit ci-dessous :

    Télécharge ERUNT
    ( ERUNT = Emergency Recovery Utility NT, c'est un programme gratuit qui te permet de conserver une sauvegarde complète de ta base de registre et de la restaurer quand cela s'avère nécessaire )

  • Installe ERUNT en suivant les instructions suivantes
    ( suis les directives d'installation par défaut, mais dis non quand on te demande d'ajouter ERUNT au startup folder ( dossier start up ), d'autant plus que si tu le souhaites tu pourras ajouter cette option ultérieurement )
  • Lance ERUNT ( soit en double-cliquant sur l'icône présente sur ton bureau soit en choisissant de lancer le programme en fin d'installation )
  • Choisis un emplacement pour la sauvegarde ( l'emplacement par défaut est : C:\WINDOWS\ERDNT ce qui est acceptable ).
  • Assure-toi que les deux premières cases suivantes soient bien cochées !!!
  • Clique sur OK
  • Clique sur YES pour créer le dossier de sauvegarde.
    http://www.geekstogo.com/blog/wp-content/uploads/2008/08/erunt.png

    3) Télécharge OTMoveIt3 (OldTimer). Sauvegarde-le sur ton Bureau.
    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    :processes
    explorer.exe

    :services
    aomoq8qw

    :reg
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMcbe15db5]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c8d26e29]
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{611de187-7f1e-11db-9f00-00112f21d84e}]

    :files
    C:\WINDOWS\system32\xa3624828.exe
    C:\WINDOWS\system32\xa3624218.exe
    C:\WINDOWS\system32\xa3324250.exe
    C:\WINDOWS\system32\xa3322859.exe

    :commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]


    Double clique sur OTMoveIt3.exe afin de le lancer.
    Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
    Clique maintenant sur le bouton MoveIt![/#f] puis ferme OTMoveIt3.

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log

    Et poste-moi [#f0000e]un nouveau rapport RSIT
    dans ta prochaine réponse.


    @++
    12 Novembre 2008 18:57:47

    Bonjour :) 

    Voici les scans :

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== SERVICES/DRIVERS ==========
    Unable to stop service aomoq8qw .
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMcbe15db5\\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c8d26e29\\ deleted successfully.
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{611de187-7f1e-11db-9f00-00112f21d84e}\\ deleted successfully.
    ========== FILES ==========
    C:\WINDOWS\system32\xa3624828.exe moved successfully.
    C:\WINDOWS\system32\xa3624218.exe moved successfully.
    C:\WINDOWS\system32\xa3324250.exe moved successfully.
    C:\WINDOWS\system32\xa3322859.exe moved successfully.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\etilqs_x4xTbEmfwAeGJpEeezmb scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DF2921.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DFC5C4.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DFC5E2.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DFDBB5.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DFDBC2.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    Windows Temp folder emptied.
    Java cache emptied.
    File delete failed. C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\XUL.mfl scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.
    Explorer started successfully

    OTMoveIt3 by OldTimer - Version 1.0.7.0 log created on 11122008_185151

    Files moved on Reboot...
    File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\etilqs_x4xTbEmfwAeGJpEeezmb not found!
    C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DF2921.tmp moved successfully.
    File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DFC5C4.tmp not found!
    File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DFC5E2.tmp not found!
    File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DFDBB5.tmp not found!
    File C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\~DFDBC2.tmp not found!
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot.
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\Cache\_CACHE_001_ moved successfully.
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\Cache\_CACHE_002_ moved successfully.
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\Cache\_CACHE_003_ moved successfully.
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\urlclassifier3.sqlite moved successfully.
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\XUL.mfl moved successfully.


    Le scan RSIT :


    Logfile of random's system information tool 1.04 (written by random/random)
    Run by HP_Propriétaire at 2008-11-12 18:57:26
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 20 GB (11%) free of 185 GB
    Total RAM: 1023 MB (49% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:57:45, on 12/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\notepad.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\keyhook.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
    C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Documents and Settings\HP_Propriétaire\Bureau\RSIT.exe
    C:\Program Files\trend micro\HP_Propriétaire.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
    O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] "C:\Program Files\Neuf\Kit\WiFi\9wifi.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/Install...
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.1.2.76.ca...
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_P...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: avgrsstx.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

    --
    End of file - 10879 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Nettoyage de disque.job
    C:\WINDOWS\tasks\Symantec NetDetect.job
    C:\WINDOWS\tasks\Synchroniser.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-10-26 455960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
    FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2007-05-16 191096]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
    "Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 233472]
    "SiS Windows KeyHook"=C:\WINDOWS\system32\keyhook.exe [2004-05-20 249856]
    "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-06-29 88363]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-04-06 90112]
    "AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2005-04-06 2805248]
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
    "KBD"=C:\HP\KBD\KBD.EXE [2005-02-02 61440]
    "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2007-01-19 49152]
    "D-Link D-Link Wireless G DWA-110"=C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe [2007-05-04 1662976]
    "Autoconfigurateur WiFi Neuf"=C:\Program Files\Neuf\Kit\WiFi\9wifi.exe [2008-03-18 287984]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-10-26 1234712]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
    "Acme.PCHButton"=C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\PCHButton.exe [2004-01-01 159744]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acme.PCHButton]
    C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe [2004-01-01 159744]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IziLock]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
    C:\Program Files\Logitech\Video\ManifestEngine.exe [2004-10-08 196608]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
    C:\Program Files\Logitech\Video\ISStart.exe [2004-10-08 458752]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
    C:\Program Files\Logitech\Video\LogiTray.exe [2004-10-08 217088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    C:\Program Files\Skype\Phone\Skype.exe [2007-09-13 22880040]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\webHancer Survey Companion]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
    C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
    C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2005-09-24 450560]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
    C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^DAEMON Tools.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^MSN Pictures Displayer.lnk]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Propriétaire^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.0.lnk]
    []

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="avgrsstx.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2008-06-03 139264]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxsrvc.dll [2004-08-03 344064]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=FFFFFFFF
    "NoDriveTypeAutoRun"=36

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:HP Software Update Client"
    "C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Messenger"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
    "C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
    "C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\World of Warcraft\Repair.exe"="C:\Program Files\World of Warcraft\Repair.exe:*:Enabled:Blizzard Repair Utility"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\SFR\Media Center\httpd\httpd.exe"="C:\Program Files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR)"
    "C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    ======File associations======

    .js - edit - C:\WINDOWS\system32\Notepad.exe %1
    .js - open - C:\WINDOWS\system32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2008-11-12 18:57:26 ----D---- C:\Program Files\trend micro
    2008-11-12 18:51:51 ----D---- C:\_OTMoveIt
    2008-11-12 18:50:05 ----D---- C:\WINDOWS\ERDNT
    2008-11-12 18:49:18 ----D---- C:\Program Files\ERUNT
    2008-11-12 18:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-12 18:02:54 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-11-12 18:02:14 ----A---- C:\WINDOWS\imsins.BAK
    2008-11-12 18:02:10 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-11-11 15:40:05 ----D---- C:\Program Files\DAEMON Tools Lite
    2008-11-11 15:40:05 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\DAEMON Tools
    2008-11-11 15:38:48 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Ubisoft
    2008-11-11 15:38:48 ----D---- C:\Documents and Settings\All Users\Application Data\Ubisoft
    2008-11-11 12:59:15 ----D---- C:\rsit
    2008-11-11 12:32:35 ----A---- C:\Documents and Settings\All Users\Application Data\vlc-0.9.6-win32.exe
    2008-11-10 22:13:51 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-11-02 19:27:26 ----D---- C:\Program Files\Pcsx2_0.9.4
    2008-10-30 21:31:02 ----A---- C:\WINDOWS\system32\psisdecd.dll
    2008-10-30 21:30:59 ----A---- C:\WINDOWS\system32\dxdllreg.exe
    2008-10-30 21:15:11 ----D---- C:\Program Files\Microsoft Games
    2008-10-30 10:54:34 ----D---- C:\Program Files\UnZixWin
    2008-10-30 10:54:22 ----N---- C:\WINDOWS\Setup1.exe
    2008-10-30 10:54:16 ----A---- C:\WINDOWS\ST6UNST.EXE
    2008-10-29 12:03:28 ----A---- C:\WINDOWS\system32\DivXc32f.dll
    2008-10-29 12:03:28 ----A---- C:\WINDOWS\system32\DivXc32.dll
    2008-10-29 12:03:13 ----A---- C:\WINDOWS\system32\xvid.dll
    2008-10-29 12:02:40 ----D---- C:\Program Files\MPEG4 Direct Maker
    2008-10-28 16:19:14 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\XRay Engine
    2008-10-27 13:03:37 ----D---- C:\Program Files\SFR
    2008-10-27 10:16:34 ----HD---- C:\$AVG8.VAULT$
    2008-10-26 21:55:37 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2008-10-26 21:55:16 ----D---- C:\Program Files\AVG
    2008-10-26 21:55:15 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2008-10-24 15:03:05 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\SPORE
    2008-10-23 22:29:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-22 16:31:26 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2008-10-22 16:31:26 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2008-10-22 16:31:25 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2008-10-22 16:31:23 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2008-10-22 16:31:22 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2008-10-22 16:31:22 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2008-10-22 16:31:21 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
    2008-10-22 16:31:21 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2008-10-22 16:31:20 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
    2008-10-22 16:31:20 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
    2008-10-22 16:31:19 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
    2008-10-22 16:31:19 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
    2008-10-22 16:31:18 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
    2008-10-22 16:30:04 ----D---- C:\WINDOWS\Logs
    2008-10-16 11:59:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-16 11:59:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-16 11:58:56 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-16 11:57:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-16 11:56:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

    ======List of files/folders modified in the last 1 months======

    2008-11-12 18:57:45 ----D---- C:\WINDOWS\Temp
    2008-11-12 18:57:26 ----AD---- C:\Program Files
    2008-11-12 18:55:47 ----D---- C:\WINDOWS\Prefetch
    2008-11-12 18:55:46 ----D---- C:\Program Files\Mozilla Firefox
    2008-11-12 18:53:08 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-12 18:51:51 ----D---- C:\WINDOWS\system32
    2008-11-12 18:50:05 ----D---- C:\WINDOWS
    2008-11-12 18:03:40 ----D---- C:\WINDOWS\Debug
    2008-11-12 18:03:35 ----HD---- C:\WINDOWS\inf
    2008-11-12 18:03:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-11-12 18:03:34 ----D---- C:\WINDOWS\system32\drivers
    2008-11-12 18:03:31 ----HD---- C:\WINDOWS\$hf_mig$
    2008-11-12 18:03:28 ----HD---- C:\Config.Msi
    2008-11-12 18:03:26 ----SHD---- C:\WINDOWS\Installer
    2008-11-12 18:01:24 ----D---- C:\WINDOWS\WinSxS
    2008-11-12 07:39:01 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-12 07:35:35 ----D---- C:\Program Files\Fichiers communs\Blizzard Entertainment
    2008-11-11 22:38:18 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-11-11 22:26:21 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Adobe
    2008-11-11 15:40:03 ----SHD---- C:\RECYCLER
    2008-11-11 15:38:43 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-11-11 15:38:25 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Azureus
    2008-11-11 15:38:16 ----D---- C:\WINDOWS\system32\DirectX
    2008-11-11 15:37:17 ----D---- C:\Program Files\Mozilla Thunderbird
    2008-11-11 15:32:50 ----D---- C:\Program Files\Fichiers communs\Adobe
    2008-11-11 15:32:34 ----D---- C:\Program Files\DAEMON Tools
    2008-11-11 15:32:32 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-11-11 15:32:23 ----HD---- C:\WINDOWS\msdownld.tmp
    2008-11-11 15:32:23 ----D---- C:\Program Files\Fichiers communs\InstallShield
    2008-11-11 15:32:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-11-11 15:30:39 ----D---- C:\WINDOWS\system32\Restore
    2008-11-11 14:44:00 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-11-11 11:23:41 ----RASH---- C:\boot.ini
    2008-11-11 11:23:41 ----A---- C:\WINDOWS\win.ini
    2008-11-11 11:23:41 ----A---- C:\WINDOWS\system.ini
    2008-11-11 09:57:25 ----D---- C:\Documents and Settings
    2008-11-10 18:15:12 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2008-11-09 21:23:50 ----D---- C:\Program Files\VirtualDub
    2008-11-05 01:36:53 ----D---- C:\WINDOWS\Help
    2008-11-04 01:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-11-03 10:22:47 ----A---- C:\Documents and Settings\All Users\Application Data\vlc-0.9.4-win32.exe
    2008-10-30 21:31:51 ----RSD---- C:\WINDOWS\assembly
    2008-10-26 08:23:47 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-22 17:10:50 ----D---- C:\Program Files\eMule
    2008-10-21 17:45:24 ----D---- C:\WINDOWS\Registration
    2008-10-17 18:23:42 ----D---- C:\WINDOWS\system32\wbem
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
    2008-10-16 14:08:06 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-10-16 14:07:32 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\muweb.dll
    2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-10-16 14:06:40 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-10-16 11:58:44 ----D---- C:\Program Files\Internet Explorer
    2008-10-15 17:35:43 ----A---- C:\WINDOWS\system32\netapi32.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-10-26 97928]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-10-26 26824]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
    R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2004-07-17 12160]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-10-01 5632]
    R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
    R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []
    R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-10-22 279712]
    R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
    R2 ithsgt;ithsgt; C:\WINDOWS\system32\DRIVERS\ithsgt.sys [2006-08-06 162432]
    R2 lilsgt;lilsgt; C:\WINDOWS\system32\DRIVERS\lilsgt.sys [2006-08-06 12032]
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-10-22 25888]
    R2 STEC3;STEC3; \??\C:\WINDOWS\system32\STEC3.sys []
    R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
    R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-06-03 3100160]
    R3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2004-10-08 326656]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-15 2564032]
    R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-08 22016]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
    R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-12 19072]
    R3 RT73;D-Link USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\Dr71WU.sys [2006-12-21 429440]
    R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
    R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 41856]
    S1 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2006-11-10 10345]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-03-19 51088]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-03-19 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-03-19 21744]
    S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-08-03 730653]
    S3 MBAMDrvService;MBAMDrvService; \??\C:\WINDOWS\system32\drivers\mbam.sys []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2004-07-19 218112]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
    S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
    S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
    S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 SynasUSB;SynasUSB; C:\WINDOWS\system32\drivers\SynasUSB.sys []
    S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2004-05-05 142976]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-06-03 552960]
    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-26 231704]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2007-11-21 66872]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
    S2 ANIWZCSdService;ANIWZCSd Service; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2007-01-19 49152]
    S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-06-02 593920]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-03-22 72704]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 268800]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-12-02 654848]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

    -----------------EOF-----------------


    Merci :) 
    13 Novembre 2008 04:07:16

    Salut Phomos


    Important : Désactive toute protection résidente ! (Antivirus, antispywares) :
    http://forum.pcastuces.com/desactiver_les_protections_r...


    Télécharge Lop S&D sur ton bureau ici :

    http://eric.71.mespages.googlepages.com/LopSD.exe


    - Double clique sur LopSD.exe qui est sur le bureau pour lancer l'installation

    - Double clique sur le raccourci Lop S&D créé sur ton Bureau

    - Sélectionne la langue souhaitée et choisis l'option 1 (Recherche)

    - Poste le rapport (C:\lopR.txt) dans ton prochain poste

    Note : Si le bureau ne réapparaît pas appuis sur Ctrl + Alt + Suppr , le gestionnaire des tâche apparaît. Dans le haut clique sur Fichier/Nouvelle tâche, tape explorer.exe et OK pour valider

    Tutoriel : http://www.malekal.com/tutorial_Lop_SD.php


    @++
    13 Novembre 2008 18:13:47

    --------------------\\ Lop S&D 4.2.4-9c XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
    BIOS : BIOS Date: 07/05/04 14:10:38 Ver: 08.00.10
    USER : HP_Propriétaire ( Administrator )
    BOOT : Normal boot
    Antivirus : AVG Anti-Virus Free 8.0 (Activated)
    C:\ (Local Disk) - NTFS - Total:181 Go (Free:19 Go)
    D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (USB)

    "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
    Option : [1] ( 13/11/2008|18:09 )

    --------------------\\ Listing folders in APPLIC~1

    [07/10/2008|09:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [11/11/2008|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [22/03/2006|14:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
    [17/11/2007|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [07/07/2007|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [03/06/2007|13:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [19/06/2008|16:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
    [15/02/2007|16:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
    [26/10/2008|21:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
    [31/03/2008|19:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESTsoft
    [03/04/2008|19:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FlashFXP
    [02/12/2007|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
    [13/11/2008|13:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [01/01/2004|15:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
    [03/02/2008|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [01/01/2004|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
    [07/10/2005|15:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal Pro
    [31/10/2005|16:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia
    [22/03/2006|23:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
    [21/06/2008|18:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [13/08/2006|20:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [12/08/2008|16:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [01/01/2004|17:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [17/11/2007|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
    [12/08/2008|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PACE Anti-Piracy
    [17/03/2006|10:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
    [24/09/2005|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [07/09/2005|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Raxco
    [01/01/2004|14:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [18/10/2007|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
    [12/08/2008|17:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [03/09/2005|19:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [12/08/2008|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Syncrosoft
    [10/07/2008|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [11/11/2008|15:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ubisoft
    [28/06/2006|08:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [04/07/2007|09:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [06/03/2008|22:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

    [01/01/2004|17:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Apple Computer
    [01/01/2004|14:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [01/01/2004|17:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intervideo
    [01/01/2004|14:09] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [01/01/2004|18:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\SampleView
    [01/01/2004|15:07] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec


    [26/01/2007|17:27] C:\DOCUME~1\HP_PRO~2\APPLIC~1\Macromedia

    [30/05/2006|13:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\.ABC
    [11/11/2008|22:26] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Adobe
    [19/01/2007|18:11] C:\DOCUME~1\HP_PRO~1\APPLIC~1\AdobeUM
    [03/03/2008|23:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ahead
    [18/10/2005|18:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Apple Computer
    [02/12/2005|00:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Atari
    [08/08/2007|09:54] C:\DOCUME~1\HP_PRO~1\APPLIC~1\ATI
    [11/11/2008|15:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Azureus
    [17/11/2007|15:42] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Bioshock
    [10/12/2006|16:33] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Bitdefender
    [12/11/2007|20:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\BitTorrent
    [11/11/2008|15:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\DAEMON Tools
    [31/08/2008|22:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Deckadance
    [28/10/2007|23:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\dvdcss
    [28/05/2006|16:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\EAST Technologies
    [12/02/2006|19:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\ESTsoft
    [03/04/2008|19:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\FileZilla
    [24/09/2005|17:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\FotoWire
    [12/08/2008|11:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\gnupg
    [07/01/2006|18:16] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Google
    [09/09/2005|18:10] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Help
    [01/01/2004|14:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Identities
    [07/08/2008|20:51] C:\DOCUME~1\HP_PRO~1\APPLIC~1\InstallShield
    [29/08/2005|10:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Intervideo
    [29/11/2006|13:40] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lavasoft
    [29/08/2005|10:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Leadertech
    [15/06/2006|23:00] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Lionhead Studios
    [12/10/2005|19:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Macromedia
    [21/06/2008|18:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Malwarebytes
    [20/04/2006|13:32] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Media Player Classic
    [06/11/2007|15:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft
    [29/03/2007|16:44] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Microsoft Web Folders
    [15/04/2006|15:18] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Motive
    [21/06/2008|17:24] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Mozilla
    [04/09/2005|17:29] C:\DOCUME~1\HP_PRO~1\APPLIC~1\MSNInstaller
    [08/11/2007|19:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Nero
    [27/06/2007|22:22] C:\DOCUME~1\HP_PRO~1\APPLIC~1\OpenOffice.org2
    [23/09/2006|08:58] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Opera
    [12/08/2008|16:06] C:\DOCUME~1\HP_PRO~1\APPLIC~1\PACE Anti-Piracy
    [11/01/2007|17:28] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Real
    [01/01/2004|18:12] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SampleView
    [16/01/2008|19:53] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Samsung
    [06/05/2007|17:03] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Screenshot Sender
    [04/04/2007|12:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SecuROM
    [03/12/2007|23:15] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Skype
    [29/08/2005|10:45] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sonic
    [06/06/2007|21:30] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SpaceTime 3D
    [25/10/2008|19:56] C:\DOCUME~1\HP_PRO~1\APPLIC~1\SPORE
    [12/08/2008|21:11] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Steinberg
    [20/02/2007|19:23] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Styler
    [01/01/2004|15:07] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Sun
    [01/01/2004|21:04] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Symantec
    [09/01/2006|16:30] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Syntrillium
    [13/11/2007|21:55] C:\DOCUME~1\HP_PRO~1\APPLIC~1\teamspeak2
    [07/09/2005|12:43] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Thunderbird
    [13/08/2008|08:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\TmpRecentIcons
    [11/11/2008|15:38] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Ubisoft
    [08/09/2005|08:36] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Visicom Media
    [21/09/2008|12:08] C:\DOCUME~1\HP_PRO~1\APPLIC~1\vlc
    [16/01/2008|22:01] C:\DOCUME~1\HP_PRO~1\APPLIC~1\Vso
    [20/04/2006|14:13] C:\DOCUME~1\HP_PRO~1\APPLIC~1\XnView
    [28/10/2008|16:19] C:\DOCUME~1\HP_PRO~1\APPLIC~1\XRay Engine


    [12/10/2005|21:22] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
    [26/10/2008|21:52] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [26/10/2008|21:52] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

    [08/11/2008 17:47][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [12/11/2008 19:00][--a------] C:\WINDOWS\tasks\Synchroniser.job
    [13/11/2008 07:51][--a------] C:\WINDOWS\tasks\Nettoyage de disque.job
    [05/08/2004 11:00][-rah-----] C:\WINDOWS\tasks\desktop.ini
    [03/09/2005 13:57][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job
    [13/11/2008 07:51][--ah-----] C:\WINDOWS\tasks\SA.DAT

    --------------------\\ Listing Folders in C:\Program Files

    [14/08/2008|11:24] C:\Program Files\Adobe
    [28/12/2006|16:29] C:\Program Files\Alwil Software
    [07/08/2008|20:52] C:\Program Files\ANI
    [07/10/2008|09:33] C:\Program Files\Apple Software Update
    [13/08/2008|11:04] C:\Program Files\ASIO4ALL v2
    [19/06/2008|16:16] C:\Program Files\ATI Technologies
    [13/08/2008|16:11] C:\Program Files\Audacity
    [23/07/2007|18:50] C:\Program Files\AusLogics Disk Defrag
    [26/10/2008|21:55] C:\Program Files\AVG
    [15/06/2007|19:05] C:\Program Files\AviSynth 2.5
    [12/12/2005|17:36] C:\Program Files\Axon Data
    [12/07/2008|22:02] C:\Program Files\Azureus
    [16/10/2005|09:16] C:\Program Files\backburner 2
    [12/11/2007|23:25] C:\Program Files\BitTorrent
    [07/10/2008|09:36] C:\Program Files\Bonjour
    [28/09/2008|20:30] C:\Program Files\Boonty
    [28/09/2008|20:36] C:\Program Files\BoontyGames
    [05/05/2008|22:43] C:\Program Files\Capturino 1.4
    [21/10/2006|08:42] C:\Program Files\CCleaner
    [10/03/2008|21:51] C:\Program Files\Codemasters
    [03/09/2005|14:27] C:\Program Files\Common Files
    [11/11/2008|15:32] C:\Program Files\DAEMON Tools
    [11/11/2008|15:40] C:\Program Files\DAEMON Tools Lite
    [21/03/2008|23:24] C:\Program Files\Desktop
    [12/08/2008|16:24] C:\Program Files\Digidesign
    [01/10/2005|18:18] C:\Program Files\Digital Flash Player
    [09/12/2007|18:10] C:\Program Files\directx
    [02/02/2008|17:14] C:\Program Files\DivX
    [07/08/2008|20:51] C:\Program Files\D-Link
    [03/09/2005|14:04] C:\Program Files\Easy Internet signup
    [22/06/2008|09:41] C:\Program Files\Elaborate Bytes
    [22/10/2008|17:10] C:\Program Files\eMule
    [12/11/2008|18:49] C:\Program Files\ERUNT
    [31/03/2008|19:37] C:\Program Files\ESTsoft
    [12/08/2008|21:06] C:\Program Files\Fichiers communs
    [03/04/2008|21:54] C:\Program Files\FlashFXP
    [13/08/2008|15:16] C:\Program Files\Free Audio Pack
    [23/06/2008|11:39] C:\Program Files\Gameforge4D
    [13/11/2008|13:08] C:\Program Files\Google
    [11/08/2008|20:54] C:\Program Files\Gothic III
    [01/01/2004|17:57] C:\Program Files\Help and Support Additions
    [01/01/2004|15:51] C:\Program Files\Hewlett-Packard
    [05/05/2008|22:48] C:\Program Files\Hijackthis Version Fran‡aise
    [19/08/2006|17:16] C:\Program Files\HP
    [31/08/2008|22:03] C:\Program Files\Image-Line
    [11/11/2008|15:38] C:\Program Files\InstallShield Installation Information
    [12/08/2008|16:08] C:\Program Files\InterLok
    [16/10/2008|11:58] C:\Program Files\Internet Explorer
    [07/10/2008|09:38] C:\Program Files\iPod
    [07/10/2008|09:39] C:\Program Files\iTunes
    [09/07/2008|09:32] C:\Program Files\Java
    [12/06/2008|09:28] C:\Program Files\KONAMI
    [29/11/2006|13:40] C:\Program Files\Lavasoft
    [06/09/2007|15:09] C:\Program Files\Logitech
    [30/06/2008|09:16] C:\Program Files\MAIET
    [11/11/2008|15:32] C:\Program Files\Malwarebytes' Anti-Malware
    [20/04/2006|13:32] C:\Program Files\Media Player Classic
    [15/08/2008|07:16] C:\Program Files\Messenger
    [11/09/2008|06:03] C:\Program Files\Messenger Plus! Live
    [04/07/2007|15:10] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [15/12/2005|19:00] C:\Program Files\microsoft frontpage
    [30/10/2008|21:15] C:\Program Files\Microsoft Games
    [31/03/2007|22:52] C:\Program Files\Microsoft Office
    [31/03/2007|22:52] C:\Program Files\Microsoft Visual Studio
    [04/07/2007|15:15] C:\Program Files\Microsoft Works
    [31/03/2007|22:52] C:\Program Files\Microsoft.NET
    [12/08/2008|17:17] C:\Program Files\Movie Maker
    [13/11/2008|18:07] C:\Program Files\Mozilla Firefox
    [11/11/2008|15:37] C:\Program Files\Mozilla Thunderbird
    [11/11/2008|15:38] C:\Program Files\MPEG4 Direct Maker
    [20/05/2008|22:32] C:\Program Files\msn
    [01/01/2004|14:03] C:\Program Files\MSN Gaming Zone
    [03/04/2008|07:50] C:\Program Files\MSN Messenger
    [15/08/2007|12:25] C:\Program Files\MSXML 4.0
    [03/12/2007|00:05] C:\Program Files\MSXML 6.0
    [17/11/2007|20:49] C:\Program Files\Nero
    [20/05/2008|22:28] C:\Program Files\NetMeeting
    [21/07/2008|18:23] C:\Program Files\Neuf
    [27/06/2007|22:34] C:\Program Files\OpenOffice.org 2.2
    [10/10/2008|13:03] C:\Program Files\Opera
    [12/08/2008|17:17] C:\Program Files\Outlook Express
    [13/08/2008|08:16] C:\Program Files\Outsim
    [25/08/2006|20:49] C:\Program Files\Overland
    [01/01/2004|17:58] C:\Program Files\PC-Doctor for Windows
    [11/11/2008|15:39] C:\Program Files\Pcsx2_0.9.4
    [07/10/2008|09:36] C:\Program Files\QuickTime
    [04/09/2005|18:50] C:\Program Files\Realtek
    [16/01/2008|10:54] C:\Program Files\Samsung
    [20/11/2007|12:11] C:\Program Files\Sega
    [27/10/2008|13:03] C:\Program Files\SFR
    [02/01/2004|06:00] C:\Program Files\SiS VGA Utilities V3.59e
    [18/10/2007|17:51] C:\Program Files\Skype
    [11/11/2008|15:32] C:\Program Files\Spybot - Search & Destroy
    [12/08/2008|19:55] C:\Program Files\Steinberg
    [05/09/2005|17:42] C:\Program Files\TGTSoft
    [20/02/2007|21:14] C:\Program Files\ToniArts
    [12/11/2008|18:57] C:\Program Files\trend micro
    [19/02/2008|19:48] C:\Program Files\TurnTool
    [01/01/2004|14:09] C:\Program Files\Uninstall Information
    [11/11/2008|15:38] C:\Program Files\UnZixWin
    [20/02/2007|18:58] C:\Program Files\UxTheme Multipatcher Fr
    [15/09/2008|21:19] C:\Program Files\VideoLAN
    [09/11/2008|21:23] C:\Program Files\VirtualDub
    [31/08/2008|22:02] C:\Program Files\VstPlugins
    [05/05/2008|22:46] C:\Program Files\WinAVI Video Converter
    [04/07/2007|09:48] C:\Program Files\Windows Live
    [18/04/2007|17:05] C:\Program Files\Windows Media Connect 2
    [20/05/2008|22:28] C:\Program Files\Windows Media Player
    [20/05/2008|22:28] C:\Program Files\Windows NT
    [12/08/2008|16:06] C:\Program Files\WindowsUpdate
    [19/06/2006|13:32] C:\Program Files\WinRAR
    [11/07/2008|20:53] C:\Program Files\World of Warcraft
    [11/07/2008|13:14] C:\Program Files\WowCartographe
    [01/01/2004|14:06] C:\Program Files\xerox

    --------------------\\ Listing Folders in C:\Program Files\Fichiers communs

    [11/11/2008|15:32] C:\Program Files\Fichiers communs\Adobe
    [22/03/2006|13:04] C:\Program Files\Fichiers communs\Adobe Systems Shared
    [17/11/2007|20:51] C:\Program Files\Fichiers communs\Ahead
    [07/10/2008|09:35] C:\Program Files\Fichiers communs\Apple
    [15/02/2007|16:32] C:\Program Files\Fichiers communs\Autodesk Shared
    [16/10/2006|18:37] C:\Program Files\Fichiers communs\AVSMedia
    [12/11/2008|07:35] C:\Program Files\Fichiers communs\Blizzard Entertainment
    [31/03/2007|22:52] C:\Program Files\Fichiers communs\DESIGNER
    [12/08/2008|16:22] C:\Program Files\Fichiers communs\Digidesign
    [27/09/2006|13:56] C:\Program Files\Fichiers communs\DirectX
    [24/09/2005|17:07] C:\Program Files\Fichiers communs\FotoWire
    [01/01/2004|15:41] C:\Program Files\Fichiers communs\Hewlett-Packard
    [28/10/2005|09:30] C:\Program Files\Fichiers communs\HP
    [11/11/2008|15:32] C:\Program Files\Fichiers communs\InstallShield
    [22/06/2008|19:10] C:\Program Files\Fichiers communs\Java
    [08/09/2005|07:44] C:\Program Files\Fichiers communs\Kaspersky Lab
    [16/10/2005|10:26] C:\Program Files\Fichiers communs\LHSPF
    [24/09/2005|17:06] C:\Program Files\Fichiers communs\Logitech
    [31/10/2005|16:41] C:\Program Files\Fichiers communs\Macromedia
    [02/12/2007|15:27] C:\Program Files\Fichiers communs\Macrovision Shared
    [16/10/2006|18:39] C:\Program Files\Fichiers communs\MAGIX Shared
    [12/08/2008|16:06] C:\Program Files\Fichiers communs\Microsoft Shared
    [03/09/2005|14:27] C:\Program Files\Fichiers communs\Motive
    [01/01/2004|14:04] C:\Program Files\Fichiers communs\MSSoap
    [01/01/2004|14:59] C:\Program Files\Fichiers communs\ODBC
    [12/08/2008|16:06] C:\Program Files\Fichiers communs\PACE Anti-Piracy
    [11/01/2007|17:28] C:\Program Files\Fichiers communs\Real
    [29/08/2005|18:15] C:\Program Files\Fichiers communs\Services
    [18/10/2007|17:51] C:\Program Files\Fichiers communs\Skype
    [11/12/2006|17:34] C:\Program Files\Fichiers communs\Softwin
    [01/01/2004|14:59] C:\Program Files\Fichiers communs\SpeechEngines
    [12/08/2008|21:06] C:\Program Files\Fichiers communs\Steinberg
    [03/09/2005|19:10] C:\Program Files\Fichiers communs\Symantec Shared
    [12/08/2008|16:06] C:\Program Files\Fichiers communs\System
    [16/10/2005|10:26] C:\Program Files\Fichiers communs\WexTech Shared
    [06/03/2008|22:24] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [21/03/2008|23:26] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 57 Processes )

    ... OK !

    --------------------\\ Searching with S_Lop

    No Lop folder found !

    --------------------\\ Searching for Lop Files - Folders

    C:\DOCUME~1\HP_PRO~1\Cookies\hp_propriétaire@advertising[1].txt

    --------------------\\ Searching within the Registry

    ..... OK !

    --------------------\\ Checking the Hosts file

    Hosts file CLEAN


    --------------------\\ Searching for hidden files with Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-13 18:11:14
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 110

    --------------------\\ Searching for other infections

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\(SUMOTorrent.com)_Malwarebytes_Anti-Malware-v1_22_Inc_Serial_Keygen-crd_Folder_ST1619566.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\- Serial + Crack - Assassins Creed - CORE release.zip [mininova].torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\-=[SUMOTorrent.com]=-_Fallout_3_Crack_Only_Reloaded_ST1956775.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\-~mininova.org~- Adobe Premiere Elements 4 DVD MultiLang + Working Keygen.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\=mininova.org= Crimson.Skies.game.FRENCH.Incl.crack-Brioche.866442.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Adobe Premiere Elements v4 0 DVD Multilanguage Retail iso Incl Keygen -~mininova.org~-.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Adobe_Flash_CS3_French_with_Crack.3947387.TPB.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Alone_in_the_dark_5_Crack+Serial-[www.search-torrent.com].torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Assassin's Creed 1.02 Crack - RAR.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Assassins Creed Crack.rar [mininova].torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Assassin_'s Creed 1.02 Crack - Vitality ---[www.btscene.com]--- .torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Assassin_creed_crack_update_1.02.4228673.TPB.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Assassin_s_Creed_1_02_Crack.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Bioshock [PCDVD + Crack][Spanish EN GE FR IT] mininova.org .torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Cubase Studio 4 iso-no crack- [mininova].torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Cubase_SX_3_Dongle_Crack.3308191.TPB.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Darkstar.One-RELOADED_(inc._no-dvd_crack).3516700.TPB.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Fable_FR_Crack.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\fallout 3 crack nodvd et lanceur anglais[www.torrent411.com](4).torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Fallout 3 Crack Only Reloaded [mininova].torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\fallout 3 crack[www.torrent411.com].torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Fruity Loops Studio XXL With Crack (DJ DrEy) {H33T} [mininova](2).torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Fruity+Loops+Studio+8.0+Full+Producers+Edition+With+Crack.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\FruityLoops Studio 8.0 XXL Edition Personal Use Works Clean Serial Keygen [mininova].torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Fruity_Loops_Studio_7_Full_+_Crack-[www.search-torrent.com].torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\GTA San Andreas full game pc with crack.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Les.Sims.2.-.Fr.-.4CD.-.Serial.+.Crack.rar ^mininova.org^'.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\Mass_Effect-ViTALiTY_Crack-Keygen_ONLY-[www.search-torrent.com].torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\mininova.org Dark_Messiah_of_Might_And_Magic_crack_(_nocd_exe_).3545845.TPB.471295.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\No Cd Crack For Pes 2008.SEEDPEER.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\No-Cd Crack for PES 2008.rar [mininova].torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\STALKER Clear Sky 1.505 patch and crack All languages by Kosa53 [mininova](2).torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\TB-Assassins Creed-RELOADED - crack.only [mininova].torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\[isoHunt] Assassin's Creed 1.02 Crack - RAR.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\[isoHunt] Domplayer crack.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\[isoHunt] PowerISO_3.8.WinAll.Retail.Multilanguage.KeyGen_(-1S--1L).torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\[isoHunt] Stalker Clear Sky Keygen Serial FIXED - Play Online PC.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\[isoHunt] [PC GAME DVD] - (MULTI) - Gran Theft Auto San Andreas Crack NoDVD - (Eng-Ita-Deu-Fra-Esp) - (By ed [smaragdtorrent.to].torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\[mininova.org] GTA San Andreas [ITA and Multi Language+Crack].iso.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\_-mininova.org-_ Adobe Premiere Elements 4 DVD MultiLang + Keygen.torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\_Mass_Effect-ViTALiTY_Crack-Keygen_ONLY-[www.search-torrent.com].torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\_Pro.Evolution.Soccer.2008[PCDVD][Spanish-EN-FR-GE-IT-POR] + CRACK + KEYGEN (Gusnor) [mininova].torrent
    C:\DOCUME~1\HP_PRO~1\Application Data\Azureus\torrents\_[isoHunt] Stalker Clear Sky Keygen Serial FIXED - Play Online PC.torrent
    C:\DOCUME~1\HP_PRO~1\Mes documents\Ma Musique\juelz santana feat young jeezy - big mike-the big boy game 6 - crack.mp3
    C:\DOCUME~1\HP_PRO~1\Mes documents\Ma Musique\Jay-Z_-_Discography_1996-2003\Jay-Z-Vol._1._In_My_Lifetime-1997-EDM\12-jay-z-rap_game__crack_game-eDm.mp3
    C:\DOCUME~1\HP_PRO~1\Mes documents\Ma Musique\MegaBlast 4\Shock - Let's Get Crackin.mp3
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Applications\Adobe Flash CS4\crack
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Applications\Adobe Flash CS4\crack\ Waz.Adobe.CS4.path.exe
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Applications\Adobe Flash CS4\crack\Waz-activation.bat
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Applications\Adobe.Flash.Professionnel.CS3.v9.0\Crack
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Applications\Adobe.Flash.Professionnel.CS3.v9.0\Keygen
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Applications\Adobe.Flash.Professionnel.CS3.v9.0\Crack\Flash.exe
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Applications\Adobe.Flash.Professionnel.CS3.v9.0\Keygen\Adobe Flash Professional v9.0 CS3 KeyGen.exe
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Applications\FL Studio 7\crack.exe
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Jeux\Mass Effect Crack.Keygen
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Jeux\Anachronox\Anachronox v1.02 Build 46 Crack.rar
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Jeux\Fable Lost Chapters\[PC GAMES] Fable The.Lost.Chapter\CRACK
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Jeux\Fable Lost Chapters\[PC GAMES] Fable The.Lost.Chapter\CRACK\Fable.exe
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Jeux\Fallout 3\Crack
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Jeux\Fallout 3\Crack\NS-FO3_SR-poseden.mdf
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Jeux\Fallout 3\Crack\NS-FO3_SR-poseden.mds
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Jeux\Fallout 3\Crack\NS-FO3_SR-poseden.nfo
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Jeux\Mass Effect Crack.Keygen\keygen.exe
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Jeux\Mass Effect Crack.Keygen\MassEffect.exe
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Jeux\Mass Effect Crack.Keygen\Torrent downloaded from Demonoid.com.txt
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Jeux\Oblivion\Crack
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Jeux\Oblivion\Crack\Oblivion.exe
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Jeux\Oblivion\Crack\pwz.nfo
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Projets\Mes torrents\- Serial + Crack - Assassins Creed - CORE release.zip [mininova].torrent
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Projets\Mes torrents\Assassin's Creed 1.02 Crack - RAR.torrent
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Projets\Mes torrents\Assassins Creed Crack.rar [mininova].torrent
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Projets\Mes torrents\Assassin_'s Creed 1.02 Crack - Vitality ---[www.btscene.com]--- .torrent
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Projets\Mes torrents\Assassin_creed_crack_update_1.02.4228673.TPB.torrent
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Projets\Mes torrents\Assassin_s_Creed_1_02_Crack.torrent
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Projets\Mes torrents\mininova.org Dark_Messiah_of_Might_And_Magic_crack_(_nocd_exe_).3545845.TPB.471295.torrent
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Projets\Mes torrents\TB-Assassins Creed-RELOADED - crack.only [mininova].torrent
    C:\DOCUME~1\HP_PRO~1\Mes documents\Mes Projets\Mes torrents\[isoHunt] Assassin's Creed 1.02 Crack - RAR.torrent
    C:\DOCUME~1\HP_PRO~1\Recent\Fallout 3 Crack Only Reloaded [mininova].torrent.lnk
    C:\DOCUME~1\HP_PRO~1\Recent\fallout 3 crack.lnk
    C:\DOCUME~1\HP_PRO~1\Recent\fallout 3 crack[www.torrent411.com].torrent.lnk
    C:\DOCUME~1\ALLUSE~1\Documents\Fallout 3\Crack
    C:\DOCUME~1\ALLUSE~1\Documents\Fallout 3\Crack\NS-FO3_SR-poseden.mdf
    C:\DOCUME~1\ALLUSE~1\Documents\Fallout 3\Crack\NS-FO3_SR-poseden.mds
    C:\DOCUME~1\ALLUSE~1\Documents\Fallout 3\Crack\NS-FO3_SR-poseden.nfo


    [F:57][D:10]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp
    [F:61][D:1]-> C:\DOCUME~1\HP_PRO~1\Cookies
    [F:45][D:5]-> C:\DOCUME~1\HP_PRO~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 13/11/2008|18:12 - Option : [1]

    --------------------\\ Scan completed at 18:12:59


    Voici le scan :) 

    Merci.


    PS : bug apparemment sur le scan j'avais désactivé toute protection résidente :) 
    14 Novembre 2008 02:29:27

    Salut Phomos


    Je t'invite fortement a lire ceci : Le danger des cracks !


    Fais un scan en ligne ici http://webscanner.kaspersky.fr/ (A faire avec Internet Explorer)

    - Désactive ton Antivirus avant le scan
    - En bas à droite clique sur Démarrer Online-scanner dans la nouvelle fenêtre qui s'affiche clique sur J'accepte
    - Accepte les Contrôle ActivX

    - Choisis Poste de travail pour le scan. Celui-ci terminé clique sur Enregistrer rapport sous (Choisis fichier texte)
    - Poste le rapport

    - Pour t'aider à utiliser le scan en ligne http://www.infos-du-net.com/forum/267224-11-scan-ligne-...

    - Si tu as un probléme pour l'installation du Contrôle ActivX lis ceci http://www.inoculer.com/activex.php3


    NOTE : Si tu reçoit le message "La licence de Kaspersky On-line Scanner est périmée"
    Via Ajout/Suppression de programmes supprime Kaspersky Online Scanner et refaire l’installation.


    @++
    14 Novembre 2008 16:07:55

    Merci j'analyse, je posterai le scan :) 

    Pour les cracks, je suis testeur de Jv pour un site et mes jeux, que j'achète, tournent très souvent, donc j'utilise des cracks pour améliorer la rapidité d'exécution des jeux et éviter d'abimer mes cds :) 

    Mais je sais que c'est pas sans danger, jusque là j'avais jamais eu de soucis^^


    Encore merci l'ami :) 
    14 Novembre 2008 21:45:18

    -------------------------------------------------------------------------------
    KASPERSKY ON-LINE SCANNER REPORT
    Friday, November 14, 2008 9:43:09 PM
    Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
    Kaspersky On-line Scanner version : 5.0.84.2
    Dernière mise à jour de la base antivirus Kaspersky : 14/11/2008
    Enregistrements dans la base antivirus Kaspersky : 1242328
    -------------------------------------------------------------------------------

    Paramètres d'analyse:
    Analyser avec la base antivirus suivante: standard
    Analyser les archives: vrai
    Analyser les bases de messagerie: vrai

    Cible de l'analyse - Poste de travail:
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\
    I:\
    J:\
    K:\

    Statistiques de l'analyse:
    Total d'objets analysés: 117365
    Nombre de virus trouvés: 1
    Nombre d'objets infectés: 2 / 0
    Nombre d'objets suspects: 0
    Durée de l'analyse: 04:47:55

    Nom de l'objet infecté / Nom du virus / Dernière action
    C:\autorun.inf\lpt3.This folder was created by Flash_Disinfector L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avgcore.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avglng.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avgrs.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avgsched.log L'objet est verrouillé ignoré
    C:\Documents and Settings\All Users\Application Data\avg8\Log\avgwd.log L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Application Data\Motive\Acme\plugin\log\pchbtn.log L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\cert8.db L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\content-prefs.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\cookies.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\downloads.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\formhistory.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\key3.db L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\parent.lock L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\permissions.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\places.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\places.sqlite-journal L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\6cpvfagq.default\search.sqlite L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Ahead\Nero Home\bl.db L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Ahead\Nero Home\is2.db L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\helios.n.co@gmail.com\SharingMetadata\Logs\Dfsr00005.log L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\helios.n.co@gmail.com\SharingMetadata\pending.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\helios.n.co@gmail.com\SharingMetadata\Working\database_8C8_D283_C8D2_6E86\dfsr.db L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\helios.n.co@gmail.com\SharingMetadata\Working\database_8C8_D283_C8D2_6E86\fsr.log L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\helios.n.co@gmail.com\SharingMetadata\Working\database_8C8_D283_C8D2_6E86\fsrtmp.log L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Messenger\helios.n.co@gmail.com\SharingMetadata\Working\database_8C8_D283_C8D2_6E86\tmp.edb L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Live Contacts\helios.n.co@gmail.com\real\members.stg L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Live Contacts\helios.n.co@gmail.com\shadow\members.stg L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Live Contacts\isapass@hotmail.fr\real\members.stg L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Windows Live Contacts\isapass@hotmail.fr\shadow\members.stg L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Historique\History.IE5\MSHist012008111420081115\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\~DF3532.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\~DF353F.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\~DF3DBA.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\~DF4332.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\~DF434B.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\~DF7266.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\~DF7310.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\~DF8443.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Temp\~DF8465.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\Mes documents\Mes Applications\FruityLoops Studio 8.0\flstudio_8.0_install.exe/data0002 Infecté : Trojan.Win32.Agent.ynz ignoré
    C:\Documents and Settings\HP_Propriétaire\Mes documents\Mes Applications\FruityLoops Studio 8.0\flstudio_8.0_install.exe NSIS: infecté - 1 ignoré
    C:\Documents and Settings\HP_Propriétaire\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\HP_Propriétaire\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Program Files\HP\hpcoretech\hpcmerr.log L'objet est verrouillé ignoré
    C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
    C:\System Volume Information\_restore{86E11626-5203-4B6B-99A3-889F6E4C5699}\RP1468\change.log L'objet est verrouillé ignoré
    C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
    C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
    C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
    C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
    C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
    C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
    C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
    D:\autorun.inf\lpt3.This folder was created by Flash_Disinfector L'objet est verrouillé ignoré

    Analyse terminée.



    Voici le rapport :) 

    Merci :) 
    15 Novembre 2008 16:48:22

    Up :) 
    18 Novembre 2008 03:49:15

    Salut Phomos


    Désolé du retard, télécharge SDFix par AndyManchesta sur le Bureau :

    http://downloads.andymanchesta.com/RemovalTools/SDFix.e...


    Double clic sur SDFix.exe sur le bureau et clic sur Install , choisi le bureau pour l’intallation et un dossier sera créer sur le bureau.


    Redémarre ton PC en mode sans échec :

    Au redémarrage de ton PC tapote sur la touche F8 ou F5 sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur.


    Ouvre le dossier SDFix sur le bureau et double clique sur RunThis.bat, appuie sur Y pour lancer le nettoyage.

    Il y aura redémarrage, quand Finished s’affichera appuie sur un touche pour terminer.

    Poste le rapport qui se trouve dans le dossier SDFix sous le nom de Report.txt dans ta prochaine réponse avec un nouveau rapport HijackThis.


    @++
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS