Ads + slowdown.

11 August 2008 22:45:48

Hello,
I'm here about ads that open automatically and a slowdown of the PC; I'm posting the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 22:45:30, on 11/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Problème\Hijack\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet\FlashGet.exe" /min
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKCU\..\Run: [Steam] K:\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Warkeys Update.lnk = C:\Program Files\Warkeys\update\Warkeys Update.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O17 - HKLM\System\CCS\Services\Tcpip\..\{4AC48A29-33BA-4BA2-820C-247A0D090CA4}: NameServer = 85.255.116.151,85.255.112.20
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Service de planification Media Center (ehSched) - Unknown owner - C:\WINDOWS\eHome\ehSched.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 13654 bytes


Thanks in advance.


12 August 2008 01:10:02

:hello:  Hello,

I'll take care of you. Please bear in mind that I am a volunteer, that I have a private life and that I help several users at once, so please be patient. However, I never let go of a user until their PC is clean ;)

1) Print these instructions if necessary, because the computer will be restarted.

Download FixWareout (LonnyRJones) to the Desktop.
**If the link does not work, click here**

Run the fix (FixWareout.exe), click Next then Install.
Make sure Run fixit is checked, then click Finish.
The fix will start; follow the on-screen messages. You will be asked to restart your computer; do so. Your system will take a little longer to start up, which is normal.

2) You used a wrong version of HijackThis. Uninstall it.

Download and install the one I gave you in my link (read it!).
Hijackthis
Once that is done, post me a new report made with the version I gave you.

;)
12 August 2008 22:09:11

Username "YANN" - 12/08/2008 21:46:09 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check

HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{4AC48A29-33BA-4BA2-820C-247A0D090CA4}
"nameserver"="85.255.116.151,85.255.112.20" <Value cleared.

Cache de résolution DNS vidé.


System was rebooted successfully.

~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "System"=""
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"TkBellExe"="C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe -osboot"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_05\\bin\\jusched.exe\""
"SkyTel"="SkyTel.EXE"
"RTHDCPL"="RTHDCPL.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"PHIME2002ASync"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"PHIME2002A"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"ntiMUI"="c:\\Program Files\\NewTech Infosystems\\NTI CD & DVD-Maker 7\\ntiMUI.exe"
"NeroFilterCheck"="C:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NeroCheck.exe"
"MSPY2002"="C:\\WINDOWS\\system32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"LogitechVideo[inspector]"="C:\\Program Files\\Logitech\\Video\\InstallHelper.exe /inspect"
"LogitechCameraService(E)"="C:\\WINDOWS\\system32\\ElkCtrl.exe /automation"
"LogitechCameraAssistant"="C:\\Program Files\\Logitech\\Video\\CameraAssistant.exe"
"LaunchApp"="Alaunch"
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"IMEKRMIG6.1"="C:\\WINDOWS\\ime\\imkr6_1\\IMEKRMIG.EXE"
"FlashGet"="\"C:\\Program Files\\FlashGet\\FlashGet.exe\" /min"
"eRecoveryService"="C:\\Acer\\Empowering Technology\\eRecovery\\eRAgent.exe"
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"eDataSecurity Loader"="C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSloader.exe 1"
"Alcmtr"="ALCMTR.EXE"
"Acer Empowering Technology Monitor"="C:\\WINDOWS\\system32\\SysMonitor.exe"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="K:\\Steam\\Steam.exe -silent"
"msnmsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot"
"DAEMON Tools Lite"="\"C:\\Program Files\\DAEMON Tools Lite\\daemon.exe\" -autorun"
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~


I posted the FixWareout report, not knowing whether you needed it or not.

Then the HijackThis one:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:06:37, on 12/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet\FlashGet.exe" /min
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKCU\..\Run: [Steam] K:\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Warkeys Update.lnk = C:\Program Files\Warkeys\update\Warkeys Update.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

--
End of file - 12049 bytes



That's everything, with a big thank-you for your help; I fully understand your position, so I will be patient.

PS: I do have another question, I don't know whether it falls within the scope, but: I log into my session, I have my internet connection, then 5 minutes later it crashes; I restart it and then I have no more problems, but this happens every time. Is there a reason? :p
13 Août 2008 01:04:30

Re,

Je ne sais pas, possible, on va voir ;) 

Télécharge Deckard's System Scanner (DSS) (ou DSS) sur ton Bureau.
NB : Tu dois être connecté avec des droits d'Administrateur.
  • ferme toutes les applications et fenêtres
  • double-clique sur dss.exe pour le lancer et suis les instructions ci-dessous
    Attention, il est conseillé de stopper temporairement les logiciels résidents de protection (pare-feu, antivirus, etc.)
  • s'il s'agit d'une première utilisation ou d'une nouvelle version de DSS :
  • tu devras cliquer 2 fois sur le OK des boîtes de dialogue
    Attention, si tu tardes trop, la réponse Abandon sera automatiquement validée
  • quand le traitement est terminé (clique sur OK), deux fichiers texte s'affichent :
    main.txt <- ouvert en premier plan et en plein écran
    extra.txt <- ouvert en second plan et en fenêtré (regarde la barre des taches)
    S'il s'agit d'une utilisation supplémentaire de DSS :
  • tu n'auras pas de boîte de dialogue (pas de OK)
  • quand le traitement est terminé, un fichier texte s'affiche :
    main.txt <- ouvert en premier plan et en plein écran

  • copie (Ctrl+A puis Ctrl+C) et colle (Ctrl+V) le contenu de main.txt dans ton prochain post
  • copie de même le contenu de extra.txt dans ton prochain post, si tu as ce fichier (première utilisation)
  • n'oublie pas de réactiver les protections si elles ont été stoppées.



    Ce que fait DSS :
  • crée un point de restauration dans Windows XP et Vista
  • nettoie les fichiers temporaires, DPF-Downloaded Program Files et le Cache Internet, vide la Corbeille de tous les lecteurs
  • vérifie quelques zones importantes de ton système et établit un rapport pour examen par ton conseiller en sécurité. DSS lance automatiquement HijackThis pour toi; il va aussi créer un raccourci HijackThis sur ton Bureau si tu n'as pas déjà HijackThis d'installé.

    ;) 
    13 August 2008 21:22:39

    Deckard's System Scanner v20071014.68
    Run by YANN on 2008-08-13 21:18:55
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    22: 2008-08-13 19:18:59 UTC - RP459 - Deckard's System Scanner Restore Point
    21: 2008-08-13 06:03:34 UTC - RP458 - Software Distribution Service 3.0
    20: 2008-08-11 18:09:29 UTC - RP457 - Point de vérification système
    19: 2008-08-08 18:50:13 UTC - RP456 - Point de vérification système
    18: 2008-08-07 17:52:16 UTC - RP455 - Point de vérification système


    -- First Restore Point --
    1: 2008-07-18 18:33:15 UTC - RP438 - Point de vérification système


    Backed up registry hives.
    Performed disk cleanup.



    -- HijackThis (run as YANN.exe) ------------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:20:40, on 13/08/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\WINDOWS\system32\SysMonitor.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Documents and Settings\YANN\Bureau\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\YANN.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet\FlashGet.exe" /min
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
    O4 - HKCU\..\Run: [Steam] K:\Steam\Steam.exe -silent
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Warkeys Update.lnk = C:\Program Files\Warkeys\update\Warkeys Update.exe
    O4 - Global Startup: Acer Empowering Technology.lnk = ?
    O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    --
    End of file - 12003 bytes

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R0 UBHelper - c:\windows\system32\drivers\ubhelper.sys
    R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
    R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.5.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.5.0>
    R3 int15.sys - c:\acer\empowering technology\erecovery\int15.sys
    R3 LVPrcMon (Logitech LVPrcMon Driver) - c:\windows\system32\drivers\lvprcmon.sys
    R3 NTIDrvr (Upper Class Filter Driver) - c:\windows\system32\drivers\ntidrvr.sys <Not Verified; NewTech Infosystems, Inc.; >
    R3 psdfilter - c:\windows\system32\drivers\psdfilter.sys <Not Verified; HiTRUST; >
    R3 psdvdisk - c:\windows\system32\drivers\psdvdisk.sys <Not Verified; HiTRUST; >
    R3 ZDPSp50 (ZDPSp50 NDIS Protocol Driver) - c:\windows\system32\drivers\zdpsp50.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>

    S3 ManyCam (ManyCam Virtual Webcam, WDM Video Capture Driver) - c:\windows\system32\drivers\manycam.sys (file missing)


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 AcerMemUsageCheckService (Memory Check Service) - c:\acer\empowering technology\eperformance\memcheck.exe <Not Verified; Acer Inc.; >

    S3 Boonty Games - "c:\program files\fichiers communs\boonty shared\service\boonty.exe" <Not Verified; BOONTY; Boonty Games>
    S3 iPod Service (Service de l'iPod) - "c:\program files\ipod\bin\ipodservice.exe" (file missing)
    S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe


    -- Device Manager: Disabled ----------------------------------------------------

    No disabled devices found.


    -- Files created between 2008-07-13 and 2008-08-13 -----------------------------

    2008-08-13 21:12:31 0 d-------- C:\WINDOWS\LastGood
    2008-08-12 21:45:25 0 d-------- C:\Program Files\Trend Micro
    2008-07-26 01:21:10 0 d-------- C:\Program Files\Microsoft Works
    2008-07-23 13:03:32 2829 --a------ C:\WINDOWS\War3Unin.pif
    2008-07-23 13:03:32 139264 --a------ C:\WINDOWS\War3Unin.exe <Not Verified; Blizzard Entertainment; Warcraft III Uninstaller>
    2008-07-23 13:03:32 81249 --a------ C:\WINDOWS\War3Unin.dat
    2008-07-23 12:58:14 0 d-------- C:\Program Files\Warcraft III
    2008-07-22 10:27:32 0 d-------- C:\Program Files\Warkeys
    2008-07-20 23:29:31 0 d-------- C:\Program Files\Xilisoft
    2008-07-20 23:10:25 356352 --a------ C:\WINDOWS\eSellerateEngine.dll <Not Verified; eSellerate Inc.; eSellerateEngine>
    2008-07-20 23:09:47 0 d-------- C:\Program Files\Deskshare
    2008-07-20 12:15:33 0 d-------- C:\Program Files\Microsoft Games
    2008-07-19 22:20:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Azureus
    2008-07-19 22:20:38 0 d-------- C:\Documents and Settings\YANN\Application Data\Azureus
    2008-07-19 22:16:05 0 d-------- C:\Program Files\Azureus


    -- Find3M Report ---------------------------------------------------------------

    2008-08-13 21:11:34 0 d-------- C:\Program Files\FlashGet
    2008-08-11 22:45:08 0 d-------- C:\Documents and Settings\YANN\Application Data\U3
    2008-08-11 19:32:47 0 d-------- C:\Program Files\PokerStars
    2008-07-22 14:11:18 0 d-------- C:\Program Files\eMule
    2008-07-22 09:07:06 4383 --a------ C:\WINDOWS\mozver.dat
    2008-07-20 23:15:45 0 d-------- C:\Program Files\Fichiers communs
    2008-07-20 23:15:24 0 d-------- C:\Program Files\NCH Software
    2008-07-20 23:14:17 0 d-------- C:\Program Files\MP3 Player Utilities 3.57
    2008-07-19 21:24:21 0 d-------- C:\Program Files\Fichiers communs\Blizzard Entertainment
    2008-07-19 11:02:11 449740 --a------ C:\WINDOWS\system32\perfh00C.dat
    2008-07-19 11:02:11 65602 --a------ C:\WINDOWS\system32\perfc00C.dat
    2008-07-08 18:42:39 0 d-------- C:\Program Files\Sony
    2008-07-08 18:42:17 0 d-------- C:\Program Files\Common Files


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [16/05/2008 01:19]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/07/2006 00:19]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [11/05/2008 20:25]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 04:25]
    "SkyTel"="SkyTel.EXE" [16/05/2006 04:04 C:\WINDOWS\SkyTel.exe]
    "RTHDCPL"="RTHDCPL.EXE" [01/06/2006 02:48 C:\WINDOWS\RTHDCPL.exe]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [01/09/2006 15:57]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [10/08/2004 22:00]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [10/08/2004 22:00]
    "nwiz"="nwiz.exe" [12/07/2006 00:19 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/07/2006 00:19]
    "ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [11/05/2005 17:15]
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [12/01/2006 17:40]
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [10/08/2004 22:00]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [01/09/2005 14:04]
    "LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [07/09/2005 07:39]
    "LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [01/11/2004 19:22]
    "LogitechCameraAssistant"="C:\Program Files\Logitech\Video\CameraAssistant.exe" [07/09/2005 07:33]
    "LaunchApp"="Alaunch" []
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [10/08/2004 22:00]
    "IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [10/08/2004 22:00]
    "FlashGet"="C:\Program Files\FlashGet\FlashGet.exe" [30/01/2007 05:11]
    "eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [01/06/2006 15:40]
    "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [29/09/2005 15:01]
    "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [17/03/2006 16:00]
    "Alcmtr"="ALCMTR.EXE" [03/05/2005 04:43 C:\WINDOWS\Alcmtr.exe]
    "Acer Empowering Technology Monitor"="C:\WINDOWS\system32\SysMonitor.exe" [18/04/2006 20:54]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Steam"="K:\Steam\Steam.exe" []
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 11:34]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/10/2004 18:24]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [18/01/2005 18:07]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [01/04/2008 11:39]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [10/08/2004 22:00]

    C:\Documents and Settings\YANN\Menu Démarrer\Programmes\Démarrage\
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [16/03/2005 20:16:50]
    Warkeys Update.lnk - C:\Program Files\Warkeys\update\Warkeys Update.exe [03/08/2006 22:54:12]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [10/12/2006 14:43:55]
    Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe [16/11/2005 20:25:14]
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [14/12/2004 04:44:06]
    NETGEAR WG111v2 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe [17/05/2006 17:05:52]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme





    -- End of Deckard's System Scanner: finished at 2008-08-13 21:21:09 ------------



    Here is the main.txt
    Then the extra.txt:


    Deckard's System Scanner v20071014.68
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Professionnel (build 2600) SP 2.0
    Architecture: X86; Language: French

    CPU 0: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
    CPU 1: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
    Percentage of Memory in Use: 59%
    Physical Memory (total/avail): 767.48 MiB / 309.31 MiB
    Pagefile Memory (total/avail): 1874.62 MiB / 1311.19 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1931.46 MiB

    C: is Fixed (NTFS) - 48.83 GiB total, 10.2 GiB free.
    D: is Fixed (NTFS) - 113.76 GiB total, 21 GiB free.
    E: is CDROM (No Media)
    G: is Removable (No Media)
    H: is Removable (No Media)
    I: is Removable (No Media)
    J: is Removable (No Media)
    K: is Fixed (NTFS) - 64.45 GiB total, 34.56 GiB free.
    M: is CDROM (No Media)

    \\.\PHYSICALDRIVE0 - Hitachi HDT725025VLA380 - 232.88 GiB - 4 partitions
    \PARTITION0 - Unknown - 5.85 GiB
    \PARTITION1 (bootable) - Système de fichiers installable - 48.83 GiB - C:
    \PARTITION2 - Système de fichiers installable - 113.76 GiB - D:
    \PARTITION3 - Système de fichiers installable - 64.45 GiB - K:

    \\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

    \\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

    \\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

    \\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device



    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is enabled.

    FirstRunDisabled is set.

    AV: avast! antivirus 4.8.1201 [VPS 080813-0] v4.8.1201 (ALWIL Software)

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
    "K:\\Warcraft III\\War3.exe"="K:\\Warcraft III\\War3.exe:*:Enabled:Warcraft III"
    "K:\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe"="K:\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "K:\\Warcraft III\\Warcraft III.exe"="K:\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
    "K:\\World of Warcraft\\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe"="K:\\World of Warcraft\\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe:*:Enabled:Blizzard Downloader"
    "J:\\Yann\\WoW-2.0.0.5991-frFR-Installer-downloader.exe"="J:\\Yann\\WoW-2.0.0.5991-frFR-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\\Program Files\\Real\\RealOne Player\\realplay.exe"="C:\\Program Files\\Real\\RealOne Player\\realplay.exe:*:Enabled:RealOne Player"
    "C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
    "K:\\World of Warcraft\\Repair.exe"="K:\\World of Warcraft\\Repair.exe:*:Enabled:Blizzard Repair Utility"
    "K:\\Steam\\SteamApps\\bea31\\counter-strike\\hl.exe"="K:\\Steam\\SteamApps\\bea31\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
    "K:\\Steam2\\SteamApps\\bea31\\counter-strike\\hl.exe"="K:\\Steam2\\SteamApps\\bea31\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
    "C:\\Program Files\\FlashGet\\flashget.exe"="C:\\Program Files\\FlashGet\\flashget.exe:*:Enabled:Flashget"
    "K:\\Steam2\\SteamApps\\bea31\\condition zero\\hl.exe"="K:\\Steam2\\SteamApps\\bea31\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
    "J:\\patch\\WoW-2.0.10.6448-to-2.0.12.6546-frFR-downloader.exe"="J:\\patch\\WoW-2.0.10.6448-to-2.0.12.6546-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "K:\\Cs source\\hl2.exe"="K:\\Cs source\\hl2.exe:*:Enabled:hl2"
    "K:\\Diablo II\\Game.exe"="K:\\Diablo II\\Game.exe:*:Enabled:Diablo II"
    "K:\\Unreal\\System\\UnrealTournament.exe"="K:\\Unreal\\System\\UnrealTournament.exe:*:Enabled:UnrealTournament"
    "C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe:*:Enabled:Nero Home"
    "K:\\Steam2\\SteamApps\\ichigo35\\condition zero\\hl.exe"="K:\\Steam2\\SteamApps\\ichigo35\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
    "C:\\Program Files\\DAP\\DAP.exe"="C:\\Program Files\\DAP\\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
    "C:\\Program Files\\eMule\\eMule.exe"="C:\\Program Files\\eMule\\eMule.exe:*:Enabled:eMule Plus"
    "K:\\Steam2\\Steam.exe"="K:\\Steam2\\Steam.exe:*:Enabled:Steam"
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
    "\\\\PARENT\\WARCRAFT III\\Warcraft III.exe"="\\\\PARENT\\WARCRAFT III\\Warcraft III.exe:*:Enabled:Warcraft III.exe"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
    "C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.icd"="C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.icd:*:Enabled:Age of Empires II Expansion"
    "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\YANN\Application Data
    CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Fichiers communs
    COMPUTERNAME=YANN
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\YANN
    LOGONSERVER=\\YANN
    NUMBER_OF_PROCESSORS=2
    OS=Windows_NT
    Path=C:\Program Files\Mozilla Firefox\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\;;C:\PROGRA~1\FICHIE~1\MUVEET~1\030625
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=4b02
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\YANN\LOCALS~1\Temp
    TMP=C:\DOCUME~1\YANN\LOCALS~1\Temp
    USERDOMAIN=YANN
    USERNAME=YANN
    USERPROFILE=C:\Documents and Settings\YANN
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    YANN (admin)
    Administrateur (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> C:\Program Files\Fichiers communs\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
    --> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    --> C:\WINDOWS\UNRecode.exe /UNINSTALL
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Acer eDataSecurity Management --> C:\Acer\Empowering Technology\eDataSecurity\eDStbmngr.exe UNINSTALL 1
    Acer eDataSecurity Management 2.0.3077 --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{4AD13F68-CADA-4C6B-9759-C33753F89908} /l1036
    Acer Empowering Technology --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
    Acer ePerformance Management --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7057702F-6D71-4F30-8000-9E72BC771887}\setup.exe" -l0x40c -removeonly
    Acer WLAN 11g USB Dongle --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{0CB98AC0-D691-4B21-AD3D-95982517021D} /l1036
    Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
    Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
    Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
    Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
    Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-040C-2E257A25E34D}
    Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
    Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Adobe Stock Photos 1.0 --> MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
    Apple Software Update --> MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
    Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Audacity 1.2.6 --> "C:\Program Files\Audacity\unins000.exe"
    avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
    Blender (remove only) --> "C:\Program Files\Blender Foundation\Blender\uninstall.exe"
    CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
    Client Hack 1.9.2d --> C:\WINDOWS\iun6002.exe "K:\World of Warcraft\irunin.ini"
    commercial --> MsiExec.exe /I{38C65D12-79E3-49C0-B211-DE3BE0A7AB39}
    Condition Zero --> "K:\Steam2\steam.exe" steam://uninstall/80
    Correctif n° 2 pour Windows XP Édition Media Center 2005 --> C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
    Correctif pour Lecteur Windows Media 11 (KB939683) --> "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB888795) --> "C:\WINDOWS\$NtUninstallKB888795$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB891593) --> "C:\WINDOWS\$NtUninstallKB891593$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB893357) --> "C:\WINDOWS\$NtUninstallKB893357$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB896256) --> "C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB898444) --> "C:\WINDOWS\$NtUninstallKB898444$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB899337) --> "C:\WINDOWS\$NtUninstallKB899337$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB899510) --> "C:\WINDOWS\$NtUninstallKB899510$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB902841) --> "C:\WINDOWS\$NtUninstallKB902841$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB906569) --> "C:\WINDOWS\$NtUninstallKB906569$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB935448) --> "C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
    Correctif Windows XP - KB867282 --> C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
    Correctif Windows XP - KB873333 --> C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
    Correctif Windows XP - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Correctif Windows XP - KB885250 --> C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
    Correctif Windows XP - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Correctif Windows XP - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Correctif Windows XP - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Correctif Windows XP - KB887472 --> C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Correctif Windows XP - KB888113 --> C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
    Correctif Windows XP - KB888239 --> C:\WINDOWS\$NtUninstallKB888239$\spuninst\spuninst.exe
    Correctif Windows XP - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Correctif Windows XP - KB890047 --> C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
    Correctif Windows XP - KB890175 --> C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
    Correctif Windows XP - KB890859 --> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    Correctif Windows XP - KB890923 --> "C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
    Correctif Windows XP - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    Correctif Windows XP - KB893086 --> "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
    Correctif Windows XP - KB895961 --> "C:\WINDOWS\$NtUninstallKB895961$\spuninst\spuninst.exe"
    Counter-Strike Source --> K:\Cs source\Uninstal.exe
    dBpoweramp Music Converter --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
    Diablo II --> C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat
    DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    FlashGet 1.81 --> C:\Program Files\FlashGet\uninst.exe
    GoldWave v5.22 --> "C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.22" "C:\Program Files\GoldWave\unstall.log"
    GUILD WARS --> "K:\GUILD WARS\Gw.exe" -uninstall
    Guitar Pro 5.0 --> "C:\Program Files\Guitar Pro 5\unins000.exe"
    High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
    J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
    J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
    Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    K-Lite Codec Pack 2.71 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
    Kaspersky Online Scanner --> C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
    KC Softwares VideoInspector --> "C:\Program Files\KC Softwares\VideoInspector\unins000.exe"
    Keycraft (remove only) --> "C:\Program Files\Warcraft III\Keycraft\uninstall.exe"
    Kptic --> MsiExec.exe /X{4312AB5F-7C43-461E-B48B-EDFA6B9CD3D6}
    LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
    Logiciel QuickCam de Logitech --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF1B5DF7-8DF5-4D38-BFF0-FDC7B7847C00}\setup.exe" -l0x40c
    Ludiclub.com --> C:\WINDOWS\system32\GKSUI20.EXE C:\Program Files\Ludiclub\UninstallE773.DAT
    MEDUSA - Subtitling Station (remove only) --> C:\Program Files\MEDUSA\uninst.exe
    Messenger Plus! 3 --> "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
    Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft Age of Empires II --> "C:\Program Files\Microsoft Games\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
    Microsoft Age of Empires II : The Conquerors Expansion --> "C:\Program Files\Microsoft Games\Age of Empires II\UNINSTALX.EXE" /runtemp /addremove
    Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Office Access MUI (French) 2007 --> MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007 --> MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007 --> MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007 --> MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Office Professional 2007 --> MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}
    Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Office Proof (Arabic) 2007 --> MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007 --> MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007 --> MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007 --> MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007 --> MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    mIRC --> "C:\Program Files\mIRC\mirc.exe" -uninstall
    Mise à jour de sécurité pour Lecteur Windows Media (KB911564) --> "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) --> "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) --> "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB883939) --> "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896422) --> "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899588) --> "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899589) --> "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB903235) --> "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB905915) --> "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911567) --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB912812) --> "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913433) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
    Mise à jour de sécurité pour Windows XP (KB913446) --> "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928090) --> "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB929969) --> "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931768) --> "C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB933566) --> "C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB937143) --> "C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB937894) --> "C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB939653) --> "C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB942615) --> "C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944338) --> "C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944533) --> "C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB947864) --> "C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950749) --> "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950759) --> "C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748) --> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour pour Lecteur Windows Media 10 (KB910393) --> "C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
    Mise à jour pour Lecteur Windows Media 10 (KB913800) --> "C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
    Mise à jour pour Lecteur Windows Media 10 (KB926251) --> "C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB896727) --> "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB912945) --> "C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB942840) --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB946627) --> "C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe"
    Mozilla Firefox (1.5) --> C:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5 (fr)"
    MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    Nero 7 Ultra Edition --> MsiExec.exe /I{38E0C491-5230-4373-B62E-F1A6E94B1036}
    NETGEAR WG111v2 wireless USB 2.0 adapter --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{E0F252A6-DE85-4E93-A93B-DFC3537B3965}
    NTI Backup NOW! 4 --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{385979FE-DC4F-4140-8EAD-A59625000D72} /l1036 BUN4
    NTI CD & DVD-Maker --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
    NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    OCA Client history tool install --> "C:\WINDOWS\$UninstallOCA-X86Fre-ENU$\spuninst\spuninst.exe"
    Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C7A451815AD6A55564D6F47B5A12C61D8B4DCFD1\amdk8.inf
    Package de pilotes Windows - AMD System (04/06/2006 1.0.1.0) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdaway_6BBB63755B7B133065E435E51557E416289081C4\amdaway.inf
    Pharaon --> C:\WINDOWS\IsUn040c.exe -fC:\SIERRA\Pharaon\Uninst.isu
    PHOTOfunSTUDIO -viewer- --> C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\Setup.exe -runfromtemp -l0x040cPackage -removeonly
    PokerStars --> "C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars
    PowerDVD --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
    PowerQuest PartitionMagic 8.0 --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
    Programme de gestion Camera de Logitech --> "C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT -l040c
    QuickTime --> MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
    RealOne Player --> C:\Program Files\Fichiers communs\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -l0x40c -removeonly
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
    Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
    Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
    Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
    Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
    Security Update for Outlook 2007 (KB946983) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
    Skype 3.0 --> "C:\Program Files\Skype\Phone\unins000.exe"
    Skype Plugin Manager --> MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
    Sonic Encoders --> MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
    Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Starcraft --> C:\WINDOWS\scunin.exe C:\WINDOWS\scunin.dat
    Steam --> K:\Steam\UNWISE.EXE K:\Steam\INSTALL.LOG
    SUPER © Version 2007.bld.22 (Mar 14, 2007) --> C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
    Switch --> C:\Program Files\NCH Swift Sound\Switch\uninst.exe
    TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"
    Update for Office 2007 (KB934391) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
    Update for Office 2007 (KB946691) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Outlook 2007 Junk Email Filter (kb953463) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {1B78D541-9FF1-4330-ADD8-CED14F0C1E8E}
    Version d'évaluation de Microsoft Office Professional 2007 --> "C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL
    VideoLAN VLC media player 0.8.4a --> C:\Program Files\VideoLAN\VLC\uninstall.exe
    Warcraft III: All Products --> C:\WINDOWS\War3Unin.exe C:\WINDOWS\War3Unin.dat
    Warkeys 1.3.1.0b --> C:\Program Files\Warkeys\uninst.exe
    Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows XP Media Center Edition 2005 KB908246 --> "C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
    Windows XP Media Center Edition 2005 KB925766 --> "C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
    World of Warcraft --> C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe
    Xilisoft MP4 Converter --> C:\Program Files\Xilisoft\MP4 Converter 3\Uninstall.exe
    Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL


    -- Application Event Log -------------------------------------------------------

    Event Record #/Type26143 / Warning
    Event Submitted/Written: 08/13/2008 09:18:48 PM
    Event ID/Source: 4353 / EventSystem
    Event Description:
    Le système d'événements de COM+ a tenté de déclencher l'événement EventObjectChange::ChangedSubscription mais a reçu un code d'erreur. HRESULT : 80040201.

    Event Record #/Type26142 / Warning
    Event Submitted/Written: 08/13/2008 09:18:48 PM
    Event ID/Source: 4356 / EventSystem
    Event Description:
    Le système d'événements de COM+ n'a pas pu créer d'instance de l'abonné partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}. CoGetObject a renvoyé HRESULT 80070424.

    Event Record #/Type26139 / Warning
    Event Submitted/Written: 08/13/2008 09:18:47 PM
    Event ID/Source: 4353 / EventSystem
    Event Description:
    Le système d'événements de COM+ a tenté de déclencher l'événement EventObjectChange::ChangedSubscription mais a reçu un code d'erreur. HRESULT : 80040201.

    Event Record #/Type26138 / Warning
    Event Submitted/Written: 08/13/2008 09:18:47 PM
    Event ID/Source: 4356 / EventSystem
    Event Description:
    Le système d'événements de COM+ n'a pas pu créer d'instance de l'abonné partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}. CoGetObject a renvoyé HRESULT 80070424.

    Event Record #/Type26122 / Success
    Event Submitted/Written: 08/13/2008 09:11:55 PM
    Event ID/Source: 12001 / usnjsvc
    Event Description:
    The Messenger Sharing USN Journal Reader service started successfully.



    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.


    -- System Event Log ------------------------------------------------------------

    Event Record #/Type88390 / Error
    Event Submitted/Written: 08/13/2008 07:57:33 AM
    Event ID/Source: 1002 / Dhcp
    Event Description:
    Le bail de l'adresse IP 192.168.0.6 pour la carte réseau dont l'adresse réseau est 00184D422F18
    a été refusé par le serveur DHCP 192.168.0.1 (celui-ci a envoyé un message DHCPNACK).

    Event Record #/Type88387 / Warning
    Event Submitted/Written: 08/13/2008 07:57:29 AM
    Event ID/Source: 1003 / Dhcp
    Event Description:
    Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
    du serveur DHCP) pour la carte réseau dont l'adresse réseau est 00184D422F18. Il s'est
    produit l'erreur suivante :
    %%1223.
    Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
    serveur d'adresse réseau (DHCP).

    Event Record #/Type88384 / Warning
    Event Submitted/Written: 08/13/2008 07:57:18 AM
    Event ID/Source: 1003 / Dhcp
    Event Description:
    Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
    du serveur DHCP) pour la carte réseau dont l'adresse réseau est 00184D422F18. Il s'est
    produit l'erreur suivante :
    %%1223.
    Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
    serveur d'adresse réseau (DHCP).

    Event Record #/Type88380 / Warning
    Event Submitted/Written: 08/13/2008 07:57:08 AM
    Event ID/Source: 1003 / Dhcp
    Event Description:
    Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
    du serveur DHCP) pour la carte réseau dont l'adresse réseau est 00184D422F18. Il s'est
    produit l'erreur suivante :
    %%1223.
    Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du
    serveur d'adresse réseau (DHCP).

    Event Record #/Type88377 / Warning
    Event Submitted/Written: 08/13/2008 07:56:58 AM
    Event ID/Source: 1003 / Dhcp
    Event Description:
    Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir
    du serveur DHCP) pour la carte réseau dont l'adr
    13 August 2008 23:35:53

    Hi again,

    Download Navilog (by Il-Mafioso).

    Save it to your Desktop.
    Install it by double-clicking navilog.exe.
    Once the installation is finished, the utility will run automatically.
    (If it does not, double-click the shortcut on the Desktop.)

    Once the installation is finished, right-click the navilog1 shortcut and choose "Run as administrator". (For Vista)

    Let the utility guide you. Choose option 1, then confirm.
    ! Do not use options 2, 3 and 4 without our approval !
    Wait until this message appears:
    "*** Analyse Termine le ..... ***"
    Press a key as prompted. Notepad will open. Post the report here.

    The report is located here: C:\fixnavi.txt

    ;) 
    14 August 2008 20:27:51

    Search Navipromo version 3.6.3 commencé le 14/08/2008 à 20:22:36,43

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1
    Session actuelle : "YANN"

    Mise à jour le 09.08.2008 à 18h00 par IL-MAFIOSO


    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 6.0.2900.2180
    Système de fichiers : NTFS

    Recherche executé en mode normal

    *** Recherche Programmes installés ***


    *** Recherche dossiers dans "C:\WINDOWS" ***


    *** Recherche dossiers dans "C:\Program Files" ***


    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


    *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\YANN\applic~1" ***


    *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\YANN\locals~1\applic~1" ***


    *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


    *** Recherche dossiers dans "C:\Documents and Settings\YANN\menudm~1\progra~1" ***

    ...\InternetGameBox trouvé !

    *** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***


    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net



    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans "C:\WINDOWS\system32" *

    * Recherche dans "C:\Documents and Settings\YANN\locals~1\applic~1" *

    * Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *



    *** Recherche fichiers ***



    *** Recherche clés spécifiques dans le Registre ***


    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :


    2)Recherche Heuristique :

    * Dans "C:\WINDOWS\system32" :


    * Dans "C:\Documents and Settings\YANN\locals~1\applic~1" :


    * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :


    3)Recherche Certificats :

    Certificat Egroup absent !
    Certificat Electronic-Group absent !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit absent !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche fichiers connus :



    *** Analyse terminée le 14/08/2008 à 20:26:39,56 ***
    15 August 2008 11:31:00

    Hi again,

    Double-click the navilog1 shortcut.
    Option 2, then confirm (Enter).
    Let it guide you.
    Your computer will restart; if it does not, restart it manually.

    Your desktop will disappear.

    Wait until this message appears:
    "*** Nettoyage Termine le ..... ***"

    Press a key as prompted; Notepad will open.
    Save the report.
    Close Notepad. Your desktop will now reappear.

    If your desktop does not reappear, press CTRL+ALT+DEL to open Task Manager.
    Then go to the "Processes" tab. Click File at the top left and choose "New Task (Run...)".
    Type explorer and confirm. This will bring your desktop back.


    Start -> Control Panel -> Internet Options
    Click the "Content" tab, then the "Certificates" tab, and if you find these, particularly under "Trusted Publishers":

    Montorgueil ; VIP

    ~~> Delete them if present! (not the others) <~~

    Post the report saved earlier (C:\cleannavi.txt)
    As well as a new HijackThis report.

    +++++++++++

    The following programs install this infection:

    * Favorit
    * Go-astro
    * GoRecord
    * HotTVPlayer
    * MailSkinner
    * Messenger Skinner
    * Instant Access
    * InternetGameBox
    * sudoplanet
    * Webmediaplayer: except the one from the following site > http://www.azertysite.new.fr/
    * On the site www.games-desktop.com (do not go there!)

    ;) 
    15 August 2008 11:46:42

    Montorgueil ; VIP => I did not find them.

    Clean Navipromo version 3.6.3 commencé le 15/08/2008 à 11:37:25,80

    Outil exécuté depuis C:\Program Files\navilog1
    Session actuelle : "YANN"

    Mise à jour le 09.08.2008 à 18h00 par IL-MAFIOSO


    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 6.0.2900.2180
    Système de fichiers : NTFS

    Mode suppression automatique
    avec prise en charge résultats Catchme et GNS


    Nettoyage exécuté au redémarrage de l'ordinateur


    *** fsbl1.txt non trouvé ***
    (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


    *** Suppression avec sauvegardes résultats GenericNaviSearch ***

    * Suppression dans "C:\WINDOWS\System32" *


    * Suppression dans "C:\Documents and Settings\YANN\locals~1\applic~1" *


    * Suppression dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *


    *** Suppression dossiers dans "C:\WINDOWS" ***


    *** Suppression dossiers dans "C:\Program Files" ***


    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


    *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\YANN\applic~1" ***


    *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\YANN\locals~1\applic~1" ***


    *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


    *** Suppression dossiers dans "C:\Documents and Settings\YANN\menudm~1\progra~1" ***

    ...\InternetGamebox ...suppression...
    ...\InternetGamebox supprimé !


    *** Suppression dossiers dans "C:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***



    *** Suppression fichiers ***


    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\YANN\locals~1\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

    2)Recherche, création sauvegardes et suppression Heuristique :


    * Dans "C:\WINDOWS\system32" *


    * Dans "C:\Documents and Settings\YANN\locals~1\applic~1" *


    * Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *


    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok


    *** Certificats ***

    Certificat Egroup absent !
    Certificat Electronic-Group absent !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit absent !
    Certificat Sunny-Day-Design-Ltdt absent !

    *** Nettoyage terminé le 15/08/2008 à 11:40:56,50 ***

    That is the cleannavi report,
    and now the HijackThis one:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:46:30, on 15/08/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\WINDOWS\system32\SysMonitor.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet\FlashGet.exe" /min
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
    O4 - HKCU\..\Run: [Steam] K:\Steam\Steam.exe -silent
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Warkeys Update.lnk = C:\Program Files\Warkeys\update\Warkeys Update.exe
    O4 - Global Startup: Acer Empowering Technology.lnk = ?
    O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    --
    End of file - 11927 bytes
    16 August 2008 11:54:45

    :hello:  Hello,

    Go to the Start menu -> Run and type: services.msc

    Find the following service: Boonty Games
    Double-click it: in the "Service status" field, set it to "Stopped".
    In the "Startup type" field, set it to "Disabled", then "Apply", then "OK".
    Close the Services console.
    Go through HijackThis: "Misc Tools Section" => "Delete an NT service", enter the service name in the box: Boonty Games, and click "OK".

    ***

    This step is important and needs to be done, unless you really want to keep Avast!, in which case let me know.

    Uninstall via Add/Remove Programs (if present):
  • Avast!

    Download and run: http://www.avast.com/eng/avast-uninstall-utility.html

    Download CCleaner to your Desktop.

  • Click "download the latest version"
  • Install it, leaving only the following options checked:
    - Add a shortcut to the Desktop
    - Automatically check for updates to CCleaner
  • Run the Cleaner
  • Click Scan for Issues and make a backup if you wish.

    Help: How to use CCleaner.

    ***************

    Download AntiVir to your Desktop.

  • Double-click the downloaded executable to start the installation.
  • At the end of the installation, click Finish.
  • Open AntiVir and make sure it is up to date!
  • In the Local Protection tab, choose Scanner.
  • Enable rootkit scanning via the + next to rootkit search, then under manual selection, check everything (your hard disk partitions).
  • Click the middle magnifying glass to start the scan as Administrator.
  • Post the generated report: to do so, click the Overview tab, then choose Reports; you will find its report there.

    Note: For more effective removal of threats, run the scan in Safe Mode.

    Why switch? Avast vs Antivir.

    Help: How to install and use AntiVir.

    ;) 
    17 August 2008 11:12:57

    I can't post the report because it's too big; shall I send it to you by email??
    19 August 2008 18:24:57

    Well, I put it up, but after that I don't know what to do :) .
    20 August 2008 00:50:51

    Well, give me the download link so I can download and analyze it ;) 
    22 August 2008 12:16:00

    Hi again,

    Post a new HijackThis report and tell me how the PC is doing.

    Still having problems?

    ;) 
    22 August 2008 20:22:13

    Still slowdowns: when I want to delete something, it takes an hour before it opens the window asking whether I really want to delete.
    On the other hand, no more ads, thank you for that.
    :) .

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:21:38, on 22/08/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\WINDOWS\system32\SysMonitor.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Real\RealOne Player\realplay.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet\FlashGet.exe" /min
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Steam] K:\Steam\Steam.exe -silent
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Warkeys Update.lnk = C:\Program Files\Warkeys\update\Warkeys Update.exe
    O4 - Global Startup: Acer Empowering Technology.lnk = ?
    O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    --
    End of file - 11761 bytes
    23 August 2008 00:51:25

    Hi again,

    Let's take a look at this ;)

    I recommend installing a firewall to strengthen your PC's security, unless that's already done.

    I recommend uninstalling Ad-aware, it isn't great; use Spybot Search and Destroy instead for resident protection and MalwareByte's Anti-Malware for weekly scans.

    ***

    Download MalwareByte's Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done, restart in safe mode.
    HELP: Restarting in safe mode

  • Now run MalwareByte's Anti-Malware. If it is not already selected, select "Exécuter un examen complet" (Perform full scan).
  • To start the scan, click "Rechercher" (Scan).
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Afficher les résultats" (Show Results), then "Supprimer la sélection" (Remove Selected). Save the report to your Desktop so you can post it in your next reply.
    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Illustrated tutorial on MBAM

    ;)
    24 August 2008 22:10:58

    Malwarebytes' Anti-Malware 1.25
    Version de la base de données: 1080
    Windows 5.1.2600 Service Pack 2

    14:48:57 24/08/2008
    mbam-log-08-24-2008 (14-48-57).txt

    Type de recherche: Examen complet (C:\|D:\|K:\|)
    Eléments examinés: 162413
    Temps écoulé: 1 hour(s), 11 minute(s), 9 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\photos.zip (Backdoor.Bot) -> Quarantined and deleted successfully.


    25 August 2008 12:42:48

    Hi again,

    Download OTViewIt and save it to your desktop.
  • Close all windows and double-click the OTViewIt icon to open it.
  • Click the Run Scan button and let the program work without interrupting it.
  • It will produce two reports, one named OTViewIt.txt and another named Extras, which will be saved to your desktop. Please post both reports in your next reply.
  • One report per message! Thanks.

    ;)
    25 August 2008 19:56:23

    OTViewIt logfile created on: 25/08/2008 19:54:49 - Run 1
    OTViewIt by OldTimer - Version 1.0.0.11 Folder = C:\Documents and Settings\YANN\Bureau
    Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.2180)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    767,48 Mb Total Physical Memory | 406,52 Mb Available Physical Memory | 52,97% Memory free
    1,83 Gb Paging File | 1,32 Gb Available in Paging File | 72,14% Paging File free
    Paging file location(s): C:\pagefile.sys 1152 2304;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 48,83 Gb Total Space | 14,57 Gb Free Space | 29,83% Space Free | Partition Type: NTFS
    Drive D: | 113,76 Gb Total Space | 21,06 Gb Free Space | 18,51% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive K: | 64,45 Gb Total Space | 34,86 Gb Free Space | 54,09% Space Free | Partition Type: NTFS

    Computer Name: YANN
    Current User Name: YANN
    Logged in as Administrator.
    Current Boot Mode: Normal
    Scan Mode: Current user

    ===== Processes - Non-Microsoft Only =====

    [09/01/2005 02:11 PM | 00,081,920 | ---- | M] (Logitech Inc.) - c:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe
    [06/12/2008 02:46 PM | 00,068,865 | ---- | M] (Avira GmbH) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    [05/11/2006 04:22 PM | 00,028,672 | ---- | M] (Acer Inc.) - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    [08/17/2008 10:28 AM | 00,149,761 | ---- | M] (Avira GmbH) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    [02/24/2008 06:15 PM | 00,312,880 | ---- | M] (GRISOFT s.r.o.) - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    [02/17/2006 03:26 PM | 00,073,728 | ---- | M] (Hewlett-Packard Company) - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    [07/12/2006 12:19 AM | 00,155,715 | ---- | M] (NVIDIA Corporation) - C:\WINDOWS\system32\nvsvc32.exe
    [08/03/2006 06:29 PM | 00,100,032 | ---- | M] (Symantec Corporation) - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    [05/11/2008 08:25 PM | 00,151,597 | ---- | M] (RealNetworks, Inc.) - C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    [02/22/2008 04:25 AM | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) - C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    [06/01/2006 02:48 AM | 16,208,384 | ---- | M] (Realtek Semiconductor Corp.) - C:\WINDOWS\RTHDCPL.exe
    [09/01/2006 03:57 PM | 00,282,624 | ---- | M] (Apple Computer, Inc.) - C:\Program Files\QuickTime\qttask.exe
    [09/01/2005 02:04 PM | 00,221,184 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\LVCOMSX.EXE
    [11/01/2004 07:22 PM | 00,262,144 | ---- | M] (Logitech Inc.) - C:\WINDOWS\system32\ElkCtrl.exe
    [09/07/2005 07:33 AM | 00,434,176 | ---- | M] (Logitech Inc.) - C:\Program Files\Logitech\Video\CameraAssistant.exe
    [06/01/2006 03:40 PM | 00,413,696 | ---- | M] (Acer Inc.) - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    [03/17/2006 04:00 PM | 00,345,088 | ---- | M] (HiTRUST) - C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    [04/18/2006 08:54 PM | 00,049,152 | ---- | M] ( ) - C:\WINDOWS\system32\SysMonitor.exe
    [06/12/2008 02:28 PM | 00,266,497 | ---- | M] (Avira GmbH) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    [08/18/2008 06:41 PM | 01,832,272 | RHS- | M] (Safer Networking Limited) - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    [11/16/2005 08:25 PM | 00,745,472 | ---- | M] (X-Micro Technology Corp.) - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    [05/17/2006 05:05 PM | 02,297,856 | ---- | M] () - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    [05/11/2008 08:25 PM | 00,057,389 | ---- | M] (RealNetworks, Inc.) - C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe
    [08/25/2008 07:54 PM | 01,299,968 | ---- | M] (OldTimer Tools) - C:\Documents and Settings\YANN\Bureau\OTViewIt.exe

    ===== Win32 Services - Non-Microsoft Only =====

    (AcerMemUsageCheckService) Memory Check Service [Auto | Running]
    [05/11/2006 04:22 PM | 00,028,672 | ---- | M] (Acer Inc.) - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

    (Adobe LM Service) Adobe LM Service [On_Demand | Stopped]
    [01/13/2007 08:16 PM | 00,072,704 | ---- | M] (Adobe Systems) - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

    (AntiVirScheduler) Avira AntiVir Personal - Free Antivirus Scheduler [Auto | Running]
    [06/12/2008 02:46 PM | 00,068,865 | ---- | M] (Avira GmbH) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

    (AntiVirService) Avira AntiVir Personal - Free Antivirus Guard [Auto | Running]
    [08/17/2008 10:28 AM | 00,149,761 | ---- | M] (Avira GmbH) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

    (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Auto | Running]
    [02/24/2008 06:15 PM | 00,312,880 | ---- | M] (GRISOFT s.r.o.) - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

    (dmadmin) Service d'administration du Gestionnaire de disque logique [On_Demand | Stopped]
    [08/10/2004 10:00 PM | 00,225,280 | ---- | M] (Microsoft Corp., Veritas Software) - C:\WINDOWS\system32\dmadmin.exe

    (IDriverT) InstallDriver Table Manager [On_Demand | Stopped]
    [11/14/2005 02:06 AM | 00,069,632 | ---- | M] (Macrovision Corporation) - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

    (iPod Service) Service de l'iPod [On_Demand | Stopped]
    File not found - C:\Program Files\iPod\bin\iPodService.exe

    (LightScribeService) LightScribeService Direct Disc Labeling Service [Auto | Running]
    [02/17/2006 03:26 PM | 00,073,728 | ---- | M] (Hewlett-Packard Company) - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

    (LiveUpdate) LiveUpdate [On_Demand | Stopped]
    [08/03/2006 06:29 PM | 02,119,360 | ---- | M] (Symantec Corporation) - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE

    (LVPrcSrv) Logitech Process Monitor [Auto | Running]
    [09/01/2005 02:11 PM | 00,081,920 | ---- | M] (Logitech Inc.) - c:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe

    (NBService) NBService [On_Demand | Stopped]
    [08/08/2006 10:15 PM | 00,208,896 | ---- | M] (Nero AG) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

    (NVSvc) NVIDIA Display Driver Service [Auto | Running]
    [07/12/2006 12:19 AM | 00,155,715 | ---- | M] (NVIDIA Corporation) - C:\WINDOWS\system32\nvsvc32.exe

    (Planificateur LiveUpdate automatique) Planificateur LiveUpdate automatique [Auto | Running]
    [08/03/2006 06:29 PM | 00,100,032 | ---- | M] (Symantec Corporation) - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

    ===== Driver Services - Non-Microsoft Only =====

    (AegisP) AEGIS Protocol (IEEE 802.1x) v3.4.5.0 [Auto | Running]
    [12/31/2006 02:58 PM | 00,021,035 | ---- | M] (Meetinghouse Data Communications) - C:\WINDOWS\system32\drivers\AegisP.sys

    (AmdK8) Pilote de processeur AMD [System | Running]
    [06/18/2006 11:40 PM | 00,043,520 | ---- | M] (Advanced Micro Devices) - C:\WINDOWS\system32\drivers\AmdK8.sys

    (AVG Anti-Spyware Driver) AVG Anti-Spyware Driver [System | Running]
    [02/24/2008 06:15 PM | 00,011,000 | ---- | M] () - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys

    (AvgAsCln) AVG Anti-Spyware Clean Driver [System | Running]
    [09/05/2006 06:03 PM | 00,003,968 | ---- | M] (GRISOFT, s.r.o.) - C:\WINDOWS\system32\drivers\AvgAsCln.sys

    (avgio) avgio [System | Running]
    [02/27/2007 03:25 PM | 00,011,840 | ---- | M] (Avira GmbH) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys

    (avgntflt) avgntflt [On_Demand | Running]
    [05/20/2008 04:29 PM | 00,052,032 | ---- | M] (Avira GmbH) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys

    (avipbb) avipbb [System | Running]
    [06/27/2008 03:03 PM | 00,075,072 | ---- | M] (Avira GmbH) - C:\WINDOWS\system32\drivers\avipbb.sys

    (catchme) catchme [On_Demand | Stopped]
    File not found - C:\DOCUME~1\YANN\LOCALS~1\Temp\catchme.sys

    (dmboot) dmboot [Disabled | Stopped]
    [08/10/2004 10:00 PM | 00,800,256 | ---- | M] (Microsoft Corp., Veritas Software) - C:\WINDOWS\system32\drivers\dmboot.sys

    (dmio) Pilote de Gestionnaire de disque logique [Boot | Running]
    [08/10/2004 10:00 PM | 00,154,496 | ---- | M] (Microsoft Corp., Veritas Software) - C:\WINDOWS\system32\drivers\dmio.sys

    (dmload) dmload [Boot | Running]
    [08/10/2004 10:00 PM | 00,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\drivers\dmload.sys

    (eeCtrl) Symantec Eraser Control driver [System | Running]
    [02/06/2007 11:00 AM | 00,383,800 | ---- | M] (Symantec Corporation) - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys

    (FilterService) UVC Filter Service [On_Demand | Stopped]
    [09/01/2005 09:27 PM | 00,014,080 | R--- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\lvuvcflt.sys

    (hamachi) Hamachi Network Interface [On_Demand | Stopped]
    [01/15/2007 07:23 PM | 00,017,480 | ---- | M] (LogMeIn, Inc.) - C:\WINDOWS\system32\drivers\hamachi.sys

    (HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [On_Demand | Running]
    [01/07/2005 05:07 PM | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) - C:\WINDOWS\system32\drivers\Hdaudbus.sys

    (imagedrv) imagedrv [Boot | Running]
    [08/15/2005 01:08 PM | 00,005,888 | ---- | M] (Ahead Software AG) - C:\WINDOWS\system32\drivers\imagedrv.sys

    (imagesrv) imagesrv [Boot | Running]
    [08/15/2005 01:08 PM | 00,127,488 | ---- | M] (Ahead Software AG) - C:\WINDOWS\system32\drivers\imagesrv.sys

    (int15.sys) int15.sys [On_Demand | Running]
    [01/13/2005 03:46 PM | 00,069,632 | ---- | M] () - C:\Acer\Empowering Technology\eRecovery\int15.sys

    (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [On_Demand | Running]
    [06/05/2006 10:09 PM | 04,284,928 | ---- | M] (Realtek Semiconductor Corp.) - C:\WINDOWS\system32\drivers\RtkHDAud.Sys

    (Lvckap) Logitech Kernel Audio Processing Filter Driver [On_Demand | Stopped]
    [09/01/2005 02:09 PM | 02,169,984 | ---- | M] () - C:\WINDOWS\system32\drivers\Lvckap.sys

    (lvmvdrv) Logitech Machine Vision Engine Loader [On_Demand | Stopped]
    [09/01/2005 02:11 PM | 01,912,064 | ---- | M] () - C:\WINDOWS\system32\drivers\LVMVdrv.sys

    (LVPrcMon) Logitech LVPrcMon Driver [On_Demand | Running]
    [09/01/2005 02:11 PM | 00,016,768 | ---- | M] () - C:\WINDOWS\system32\drivers\LVPrcMon.sys

    (LVUSBSta) Logitech USB Monitor Filter [On_Demand | Stopped]
    [09/01/2005 09:20 PM | 00,022,528 | R--- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\LVUSBSta.sys

    (LVUVC) Logitech QuickCam Pro 5000(UVC) [On_Demand | Stopped]
    [09/01/2005 09:24 PM | 01,081,856 | R--- | M] (Logitech Inc.) - C:\WINDOWS\system32\drivers\lvuvc.sys

    (ManyCam) ManyCam Virtual Webcam, WDM Video Capture Driver [On_Demand | Stopped]
    File not found - C:\WINDOWS\System32\DRIVERS\ManyCam.sys

    (NTIDrvr) Upper Class Filter Driver [On_Demand | Running]
    [08/11/2006 07:52 PM | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) - C:\WINDOWS\system32\drivers\NTIDrvr.sys

    (nv) nv [On_Demand | Running]
    [07/12/2006 12:19 AM | 03,934,592 | ---- | M] (NVIDIA Corporation) - C:\WINDOWS\system32\drivers\nv4_mini.sys

    (nvatabus) nvatabus [Boot | Running]
    [06/28/2006 07:38 PM | 00,105,088 | ---- | M] (NVIDIA Corporation) - C:\WINDOWS\system32\drivers\nvatabus.sys

    (nvraid) NVIDIA nForce(tm) RAID Class Driver [Boot | Running]
    [06/28/2006 07:39 PM | 00,089,344 | ---- | M] (NVIDIA Corporation) - C:\WINDOWS\system32\drivers\nvraid.sys

    (PQNTDrv) PQNTDrv [System | Running]
    [09/16/2002 07:07 PM | 00,004,228 | ---- | M] (PowerQuest Corporation) - C:\WINDOWS\System32\drivers\PQNTDRV.sys

    (psdfilter) psdfilter [On_Demand | Running]
    [04/07/2006 09:17 PM | 00,012,288 | ---- | M] (HiTRUST) - C:\WINDOWS\system32\drivers\psdfilter.sys

    (psdvdisk) psdvdisk [On_Demand | Running]
    [03/08/2006 06:10 PM | 00,060,416 | ---- | M] (HiTRUST) - C:\WINDOWS\system32\drivers\psdvdisk.sys

    (Ptilink) Pilote de liaison parallèle directe [On_Demand | Running]
    [08/10/2004 10:00 PM | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) - C:\WINDOWS\system32\drivers\ptilink.sys

    (PxHelp20) PxHelp20 [Boot | Running]
    [08/16/2007 12:33 AM | 00,043,528 | ---- | M] (Sonic Solutions) - C:\WINDOWS\system32\drivers\pxhelp20.sys

    (RTLWUSB) NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver [On_Demand | Running]
    [03/27/2006 06:53 PM | 00,167,808 | ---- | M] (NETGEAR Inc.) - C:\WINDOWS\system32\drivers\wg111v2.sys

    (Secdrv) Secdrv [On_Demand | Stopped]
    [11/13/2007 12:25 PM | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) - C:\WINDOWS\system32\drivers\secdrv.sys

    (sptd) sptd [Boot | Running]
    [06/04/2008 08:42 PM | 00,717,296 | ---- | M] () - C:\WINDOWS\system32\drivers\sptd.sys

    (ssmdrv) ssmdrv [System | Running]
    [03/01/2007 10:34 AM | 00,028,352 | ---- | M] (Avira GmbH) - C:\WINDOWS\system32\drivers\ssmdrv.sys

    (UBHelper) UBHelper [Boot | Running]
    [12/17/2004 04:14 AM | 00,013,952 | ---- | M] () - C:\WINDOWS\System32\drivers\UBHelper.sys

    (yukonwxp) NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller [On_Demand | Running]
    [06/29/2006 10:53 AM | 00,244,864 | ---- | M] (Marvell) - C:\WINDOWS\system32\drivers\yk51x86.sys

    (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS) [On_Demand | Stopped]
    [10/28/2005 11:38 AM | 00,402,432 | ---- | M] (ZyDAS Technology Corporation) - C:\WINDOWS\system32\drivers\ZD1211BU.sys

    (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS) [On_Demand | Stopped]
    [10/04/2005 03:38 PM | 00,280,064 | ---- | M] (ZyDAS Technology Corporation) - C:\WINDOWS\system32\drivers\ZD1211U.sys

    (ZDPSp50) ZDPSp50 NDIS Protocol Driver [On_Demand | Running]
    [10/25/2004 01:40 PM | 00,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) - C:\WINDOWS\system32\drivers\ZDPSp50.sys

    ===== Run Keys =====

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Acer Empowering Technology Monitor" = C:\WINDOWS\system32\SysMonitor.exe [04/18/2006 08:54 PM | 00,049,152 | ---- | M] ( )
    "Alcmtr" = ALCMTR.EXE [05/03/2005 04:43 AM | 00,069,632 | ---- | M] (Realtek Semiconductor Corp.)
    "avgnt" = "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min [06/12/2008 02:28 PM | 00,266,497 | ---- | M] (Avira GmbH)
    "eDataSecurity Loader" = C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1 [03/17/2006 04:00 PM | 00,345,088 | ---- | M] (HiTRUST)
    "eRecoveryService" = C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [06/01/2006 03:40 PM | 00,413,696 | ---- | M] (Acer Inc.)
    "FlashGet" = "C:\Program Files\FlashGet\FlashGet.exe" /min File not found
    "LaunchApp" = Alaunch [03/16/2006 06:56 AM | 00,524,288 | ---- | M] (Acer Inc.)
    "LogitechCameraAssistant" = C:\Program Files\Logitech\Video\CameraAssistant.exe [09/07/2005 07:33 AM | 00,434,176 | ---- | M] (Logitech Inc.)
    "LogitechCameraService(E)" = C:\WINDOWS\system32\ElkCtrl.exe /automation [11/01/2004 07:22 PM | 00,262,144 | ---- | M] (Logitech Inc.)
    "LogitechVideo[inspector]" = C:\Program Files\Logitech\Video\InstallHelper.exe /inspect [09/07/2005 07:39 AM | 00,073,728 | ---- | M] (Logitech Inc.)
    "LVCOMSX" = C:\WINDOWS\system32\LVCOMSX.EXE [09/01/2005 02:04 PM | 00,221,184 | ---- | M] (Logitech Inc.)
    "MSPY2002" = C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC [08/10/2004 10:00 PM | 00,059,392 | ---- | M] ()
    "NeroFilterCheck" = C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [01/12/2006 05:40 PM | 00,155,648 | ---- | M] (Nero AG)
    "ntiMUI" = c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [05/11/2005 05:15 PM | 00,045,056 | ---- | M] ()
    "NvCplDaemon" = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [07/12/2006 12:19 AM | 07,626,752 | ---- | M] (NVIDIA Corporation)
    "NvMediaCenter" = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [07/12/2006 12:19 AM | 00,086,016 | ---- | M] (NVIDIA Corporation)
    "nwiz" = nwiz.exe /install [07/12/2006 12:19 AM | 01,519,616 | ---- | M] ()
    "QuickTime Task" = "C:\Program Files\QuickTime\qttask.exe" -atboottime [09/01/2006 03:57 PM | 00,282,624 | ---- | M] (Apple Computer, Inc.)
    "RTHDCPL" = RTHDCPL.EXE [06/01/2006 02:48 AM | 16,208,384 | ---- | M] (Realtek Semiconductor Corp.)
    "SkyTel" = SkyTel.EXE [05/16/2006 04:04 AM | 02,879,488 | ---- | M] (Realtek Semiconductor Corp.)
    "SunJavaUpdateSched" = "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
    "TkBellExe" = C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot [05/11/2008 08:25 PM | 00,151,597 | ---- | M] (RealNetworks, Inc.)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "load" = Reg Error: Value load does not exist or could not be read.
    "run" = Reg Error: Value run does not exist or could not be read.

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun [04/01/2008 11:39 AM | 00,486,856 | ---- | M] (DT Soft Ltd)
    "LogitechSoftwareUpdate" = "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot [01/18/2005 06:07 PM | 00,196,608 | ---- | M] (Logitech Inc.)
    "SpybotSD TeaTimer" = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [08/18/2008 06:41 PM | 01,832,272 | RHS- | M] (Safer Networking Limited)
    "Steam" = K:\Steam\Steam.exe -silent File not found

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "load" =
    "run" = Reg Error: Value run does not exist or could not be read.

    ===== Startup Folders =====

    [All Users Startup Folder - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
    [06/01/2006 06:51 PM | 00,045,056 | ---- | M] (Acer Inc.) - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    [11/16/2005 08:25 PM | 00,745,472 | ---- | M] (X-Micro Technology Corp.) - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    [12/14/2004 04:44 AM | 00,029,696 | ---- | M] (Adobe Systems Incorporated) - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    [05/17/2006 05:05 PM | 02,297,856 | ---- | M] () - C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe

    [YANN Startup Folder - C:\Documents and Settings\YANN\Menu Démarrer\Programmes\Démarrage]
    [03/16/2005 08:16 PM | 00,113,664 | ---- | M] (Adobe Systems, Inc.) - C:\Documents and Settings\YANN\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    [08/03/2006 10:54 PM | 00,225,411 | ---- | M] () - C:\Documents and Settings\YANN\Menu Démarrer\Programmes\Démarrage\Warkeys Update.lnk = C:\Program Files\Warkeys\update\Warkeys Update.exe

    ===== BHO's =====

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    HKLM CLSID: (Yahoo! Toolbar Helper) - File not found C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    HKLM CLSID: (AcroIEHlprObj Class) - [12/14/2004 01:56 AM | 00,063,136 | ---- | M] (Adobe Systems Incorporated) c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    HKLM CLSID: (Spybot-S&D IE Protection) - [08/14/2008 01:39 PM | 01,562,448 | ---- | M] (Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    HKLM CLSID: (SSVHelper Class) - [02/22/2008 04:25 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
    HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

    ===== Toolbars =====

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{5CBE3B7C-1E47-477e-A7DD-396DB0476E29}"
    HKLM CLSID: (Acer eDataSecurity Management) - [03/08/2006 11:44 PM | 00,106,496 | ---- | M] (HiTRUST) C:\WINDOWS\system32\eDStoolbar.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{E0E899AB-F487-11D5-8D29-0050BA6940E3}"
    HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{EF99BD32-C1FB-11D2-892F-0090271D4F88}"
    HKLM CLSID: (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - File not found C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]

    "{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}"
    HKLM CLSID: (Acer eDataSecurity Management) - [03/08/2006 11:44 PM | 00,106,496 | ---- | M] (HiTRUST) C:\WINDOWS\system32\eDStoolbar.dll

    "{C4069E3A-68F1-403E-B40E-20066696354B}"
    HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

    "{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}"
    HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

    "{C4069E3A-68F1-403E-B40E-20066696354B}"
    HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

    ===== Policies =====

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
    "dontdisplaylastusername" = 0
    "legalnoticecaption" =
    "legalnoticetext" =
    "shutdownwithoutlogon" = 1
    "undockwithoutlogon" = 1
    "InstallVisualStyle" = C:\WINDOWS\Resources\Themes\Royale\Royale.mss File not found
    "InstallTheme" = C:\WINDOWS\Resources\Themes\Royale.the File not found

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun" = 145

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

    ===== Desktop Components =====

    ===== Shared Task Scheduler =====

    ===== AppInit_Dlls =====

    ===== Lsa Authentication Packages =====

    ===== Lsa Security Packages =====

    ===== Authorized Applications List =====

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe [08/10/2004 10:00 PM | 00,142,336 | ---- | M] (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe [10/18/2007 11:34 AM | 05,724,184 | ---- | M] (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe [10/02/2007 05:18 PM | 00,304,488 | ---- | M] (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe [08/10/2004 10:00 PM | 00,142,336 | ---- | M] (Microsoft Corporation)
    "C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe [10/13/2004 06:24 PM | 01,694,208 | ---- | M] (Microsoft Corporation)
    "K:\Warcraft III\War3.exe" = K:\Warcraft III\War3.exe File not found
    "K:\World of Warcraft\WoW-1.12.0-frFR-downloader.exe" = K:\World of Warcraft\WoW-1.12.0-frFR-downloader.exe File not found
    "K:\Warcraft III\Warcraft III.exe" = K:\Warcraft III\Warcraft III.exe File not found
    "K:\World of Warcraft\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe" = K:\World of Warcraft\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe File not found
    "J:\Yann\WoW-2.0.0.5991-frFR-Installer-downloader.exe" = J:\Yann\WoW-2.0.0.5991-frFR-Installer-downloader.exe File not found
    "C:\Program Files\Real\RealOne Player\realplay.exe" = C:\Program Files\Real\RealOne Player\realplay.exe [05/11/2008 08:26 PM | 00,204,845 | ---- | M] (RealNetworks, Inc.)
    "C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe [07/28/2006 10:11 PM | 02,109,440 | ---- | M] (mIRC Co. Ltd.)
    "K:\World of Warcraft\Repair.exe" = K:\World of Warcraft\Repair.exe [01/26/2008 09:36 PM | 00,737,960 | ---- | M] (Blizzard Entertainment, Inc.)
    "K:\Steam\SteamApps\bea31\counter-strike\hl.exe" = K:\Steam\SteamApps\bea31\counter-strike\hl.exe File not found
    "K:\Steam2\SteamApps\bea31\counter-strike\hl.exe" = K:\Steam2\SteamApps\bea31\counter-strike\hl.exe [03/08/2008 12:23 PM | 00,081,920 | ---- | M] (Valve)
    "C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe File not found
    "K:\Steam2\SteamApps\bea31\condition zero\hl.exe" = K:\Steam2\SteamApps\bea31\condition zero\hl.exe [03/03/2008 08:23 PM | 00,081,920 | ---- | M] (Valve)
    "J:\patch\WoW-2.0.10.6448-to-2.0.12.6546-frFR-downloader.exe" = J:\patch\WoW-2.0.10.6448-to-2.0.12.6546-frFR-downloader.exe File not found
    "K:\Cs source\hl2.exe" = K:\Cs source\hl2.exe [10/07/2004 08:46 PM | 00,077,896 | ---- | M] ()
    "K:\Diablo II\Game.exe" = K:\Diablo II\Game.exe [11/30/2001 06:00 AM | 00,448,675 | ---- | M] (Blizzard North)
    "K:\Unreal\System\UnrealTournament.exe" = K:\Unreal\System\UnrealTournament.exe [11/30/1999 01:19 AM | 00,233,472 | ---- | M] ()
    "C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe [08/22/2006 10:52 AM | 00,147,456 | ---- | M] (Nero AG)
    "K:\Steam2\SteamApps\ichigo35\condition zero\hl.exe" = K:\Steam2\SteamApps\ichigo35\condition zero\hl.exe [08/02/2007 11:12 AM | 00,081,920 | ---- | M] (Valve)
    "C:\Program Files\DAP\DAP.exe" = C:\Program Files\DAP\DAP.exe File not found
    "C:\Program Files\eMule\eMule.exe" = C:\Program Files\eMule\eMule.exe File not found
    "K:\Steam2\Steam.exe" = K:\Steam2\Steam.exe [02/23/2008 06:34 PM | 01,266,936 | ---- | M] (Valve Corporation)
    "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe [12/18/2006 06:32 PM | 25,365,032 | ---- | M] (Skype Technologies S.A.)
    "\\PARENT\WARCRAFT III\Warcraft III.exe" = \\PARENT\WARCRAFT III\Warcraft III.exe:*:Enabled:Warcraft III.exe
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe [10/18/2007 11:34 AM | 05,724,184 | ---- | M] (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe [10/02/2007 05:18 PM | 00,304,488 | ---- | M] (Microsoft Corporation)
    "C:\Program Files\Azureus\Azureus.exe" = C:\Program Files\Azureus\Azureus.exe File not found
    "C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.icd" = C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.icd [06/15/2001 11:37 PM | 02,699,309 | ---- | M] (Microsoft Corporation)

    ===== HKLM Winlogon Settings =====

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
    "Explorer.exe" - [06/13/2007 03:22 PM | 01,037,312 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
    "C:\WINDOWS\system32\userinit.exe" - [08/10/2004 10:00 PM | 00,025,088 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\GinaDLL]
    "RtlGina2.dll" - [05/03/2006 06:44 PM | 00,036,864 | ---- | M] () C:\WINDOWS\system32\RtlGina2.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
    "logonui.exe" - [08/10/2004 10:00 PM | 00,515,584 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
    "rundll32 shell32" - [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    "Control_RunDLL "sysdm.cpl"" - [08/10/2004 10:00 PM | 00,305,152 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl

    ===== User's Winlogon Settings =====

    ===== Winlogon Notify Settings =====

    ===== Safeboot Options =====

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
    "AlternateShell" = cmd.exe

    ===== Disabled MsConfig Items =====

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
    "key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    "item" =
    "hkey" = HKLM
    "command" =
    "inimapping" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]
    "system.ini" = 0
    "win.ini" = 0
    "bootini" = 0
    "services" = 0
    "startup" = 0

    ===== DNS Name Servers =====

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{3CA6E947-61A5-4C2D-BEFD-93A01EBA1C7F}]
    Servers: | Description: Generic Marvell Yukon Chipset based Ethernet Controller

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{4AC48A29-33BA-4BA2-820C-247A0D090CA4}]
    Servers: | Description: NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{5E923D33-67D8-40FA-804F-F5C634A0A5C4}]
    Servers: | Description:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{63AA936A-7509-4526-904A-0BB50D8BE0B8}]
    Servers: | Description: Carte réseau 1394

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{9ADEA1D5-3BCF-43B5-A393-4DA5964C2C21}]
    Servers: | Description: NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter

    ===== CDRom AutoRun Settings =====

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
    "AutoRun" = 1

    ===== Autorun Files on Drives =====

    AUTOEXEC.BAT [PATH=%PATH%;C:\PROGRA~1\FICHIE~1\MUVEET~1\030625 | ]
    [08/11/2006 07:52 PM | 00,000,050 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ]

    ===== MountPoints2 =====

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0023c7f9-54c6-11dc-ae0c-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0023c7f9-54c6-11dc-ae0c-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0023c7f9-54c6-11dc-ae0c-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{05a0322c-046e-11dd-af98-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{05a0322c-046e-11dd-af98-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{05a0322c-046e-11dd-af98-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15175b4b-19ce-11dd-afba-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15175b4b-19ce-11dd-afba-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15175b4b-19ce-11dd-afba-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19873d26-f240-11db-ad1b-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19873d26-f240-11db-ad1b-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19873d26-f240-11db-ad1b-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21b0c989-fd7a-11dc-af92-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21b0c989-fd7a-11dc-af92-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21b0c989-fd7a-11dc-af92-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30923606-fa73-11dc-af8d-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30923606-fa73-11dc-af8d-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30923606-fa73-11dc-af8d-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32603322-e446-11dc-af65-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32603322-e446-11dc-af65-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32603322-e446-11dc-af65-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32603323-e446-11dc-af65-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32603323-e446-11dc-af65-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32603323-e446-11dc-af65-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a218b6b-e2c6-11dc-af63-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a218b6b-e2c6-11dc-af63-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a218b6b-e2c6-11dc-af63-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a9021bd-057a-11dd-af9b-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a9021bd-057a-11dd-af9b-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a9021bd-057a-11dd-af9b-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4394a920-f751-11dc-af86-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4394a920-f751-11dc-af86-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4394a920-f751-11dc-af86-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4532dfb4-eab2-11dc-af70-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4532dfb4-eab2-11dc-af70-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4532dfb4-eab2-11dc-af70-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49b483e8-1489-11dd-afad-001921514ac5}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49b483e8-1489-11dd-afad-001921514ac5}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49b483e8-1489-11dd-afad-001921514ac5}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{576a5f3a-0062-11dc-ad44-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{576a5f3a-0062-11dc-ad44-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{576a5f3a-0062-11dc-ad44-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79076e42-6437-11dc-ae33-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79076e42-6437-11dc-ae33-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{79076e42-6437-11dc-ae33-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7eb8e03c-41eb-11dc-adda-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7eb8e03c-41eb-11dc-adda-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7eb8e03c-41eb-11dc-adda-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7eb8e03d-41eb-11dc-adda-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7eb8e03d-41eb-11dc-adda-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7eb8e03d-41eb-11dc-adda-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ffe0372-4269-11dc-addb-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ffe0372-4269-11dc-addb-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ffe0372-4269-11dc-addb-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ffe0373-4269-11dc-addb-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ffe0373-4269-11dc-addb-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ffe0373-4269-11dc-addb-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84cf2ee8-9157-11dc-aea4-001921514ac5}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84cf2ee8-9157-11dc-aea4-001921514ac5}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{84cf2ee8-9157-11dc-aea4-001921514ac5}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9b9937b0-1be0-11dc-ad9d-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9b9937b0-1be0-11dc-ad9d-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9b9937b0-1be0-11dc-ad9d-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0a91bdd-44d0-11dc-ade1-001921514ac5}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0a91bdd-44d0-11dc-ade1-001921514ac5}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0a91bdd-44d0-11dc-ade1-001921514ac5}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7d2ec7d-98b0-11db-b66a-001921514ac5}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7d2ec7d-98b0-11db-b66a-001921514ac5}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7d2ec7d-98b0-11db-b66a-001921514ac5}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c13637aa-af2f-11dc-aef6-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c13637aa-af2f-11dc-aef6-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c13637aa-af2f-11dc-aef6-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c77cbdea-0ab7-11dc-ad66-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c77cbdea-0ab7-11dc-ad66-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c77cbdea-0ab7-11dc-ad66-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c9f8087c-c763-11dc-af32-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c9f8087c-c763-11dc-af32-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c9f8087c-c763-11dc-af32-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf314c5a-21ad-11dd-afca-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf314c5a-21ad-11dd-afca-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf314c5a-21ad-11dd-afca-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d751f6a2-c5b9-11db-acb7-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d751f6a2-c5b9-11db-acb7-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d751f6a2-c5b9-11db-acb7-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de0262d4-5fb1-11dd-b039-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de0262d4-5fb1-11dd-b039-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{de0262d4-5fb1-11dd-b039-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e76866b7-42bb-11dc-addc-001921514ac5}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e76866b7-42bb-11dc-addc-001921514ac5}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e76866b7-42bb-11dc-addc-001921514ac5}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd3aadec-4d03-11dd-b019-00184d422f18}\Shell]
    "" = None

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd3aadec-4d03-11dd-b019-00184d422f18}\Shell\Autoplay]
    "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/25/2007 06:43 PM | 08,516,608 | ---- | M] (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd3aadec-4d03-11dd-b019-00184d422f18}\Shell\Autoplay\DropTarget]
    "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931}

    ===== Hosts File =====

    HOSTS File = (23 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
    First 25 entries...
    127.0.0.1 localhost



    [Files/Folders - Created Within 30 days]
    [08/24/2008 10:24 PM | -HSD | C] - C:\Config.Msi
    [08/13/2008 09:18 PM | ---D | C] - C:\Deckard
    [08/12/2008 10:03 PM | ---D | C] - C:\fixwareout
    [08/25/2008 06:32 PM | 80,483,5328 | -HS- | M] () - C:\hiberfil.sys
    [05/09/2008 01:15 PM | 00,045,376 | ---- | M] (Avira GmbH) - C:\WINDOWS\System32\drivers\avgntdd.sys
    [01/21/2008 06:11 PM | 00,022,336 | ---- | M] (Avira GmbH) - C:\WINDOWS\System32\drivers\avgntmgr.sys
    [06/27/2008 03:03 PM | 00,075,072 | ---- | M] (Avira GmbH) - C:\WINDOWS\System32\drivers\avipbb.sys
    [08/17/2008 03:05 PM | 00,017,144 | ---- | M] (Malwarebytes Corporation) - C:\WINDOWS\System32\drivers\mbam.sys
    [08/17/2008 03:05 PM | 00,038,472 | ---- | M] (Malwarebytes Corporation) - C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [03/01/2007 10:34 AM | 00,028,352 | ---- | M] (Avira GmbH) - C:\WINDOWS\System32\drivers\ssmdrv.sys
    [08/13/2008 09:18 PM | ---D | C] - C:\WINDOWS\ERDNT
    [08/24/2008 10:25 PM | ---D | C] - C:\WINDOWS\SxsCaPendDel
    [08/16/2008 06:04 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Avira
    [08/24/2008 01:09 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [08/24/2008 01:09 PM | ---D | C] - C:\Documents and Settings\YANN\Application Data\Malwarebytes
    [08/24/2008 01:09 PM | 00,000,696 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [08/14/2008 08:21 PM | 00,000,630 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
    [08/12/2008 09:45 PM | 00,001,734 | ---- | M] () - C:\Documents and Settings\YANN\Bureau\HijackThis.lnk
    [08/25/2008 07:54 PM | 01,299,968 | ---- | M] (OldTimer Tools) - C:\Documents and Settings\YANN\Bureau\OTViewIt.exe
    [08/24/2008 01:11 PM | 00,000,933 | ---- | M] () - C:\Documents and Settings\YANN\Bureau\Spybot - Search & Destroy.lnk
    [07/28/2008 07:29 PM | 00,000,016 | ---- | M] () - C:\Documents and Settings\YANN\Bureau\WarcraftIIIAutoRefresh_Config.dat
    [08/16/2008 06:04 PM | ---D | C] - C:\Program Files\Avira
    [08/24/2008 01:09 PM | ---D | C] - C:\Program Files\Malwarebytes' Anti-Malware
    [08/15/2008 11:40 AM | ---D | C] - C:\Program Files\Navilog1
    [08/24/2008 01:08 PM | ---D | C] - C:\Program Files\TeaTimer (Spybot - Search & Destroy)
    [08/12/2008 09:45 PM | ---D | C] - C:\Program Files\Trend Micro

    [Files/Folders - Modified Within 30 days]
    [08/25/2008 06:32 PM | -HSD | M] - C:\Config.Msi
    [08/13/2008 09:18 PM | ---D | M] - C:\Deckard
    [08/12/2008 10:03 PM | ---D | M] - C:\fixwareout
    [08/25/2008 06:32 PM | 80,483,5328 | -HS- | M] () - C:\hiberfil.sys
    [08/24/2008 10:24 PM | ---D | M] - C:\Program Files
    [08/25/2008 06:39 PM | ---D | M] - C:\WINDOWS
    [08/17/2008 03:05 PM | 00,017,144 | ---- | M] (Malwarebytes Corporation) - C:\WINDOWS\System32\drivers\mbam.sys
    [08/17/2008 03:05 PM | 00,038,472 | ---- | M] (Malwarebytes Corporation) - C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [08/25/2008 06:38 PM | ---D | M] - C:\WINDOWS\System32\CatRoot2
    [9 C:\WINDOWS\System32\*.tmp files]
    [08/17/2008 10:27 AM | 00,003,072 | ---- | M] () - C:\WINDOWS\System32\CONFIG.NT
    [08/16/2008 06:57 PM | RHSD | M] - C:\WINDOWS\System32\dllcache
    [08/24/2008 01:09 PM | ---D | M] - C:\WINDOWS\System32\drivers
    [08/25/2008 06:32 PM | 00,341,032 | ---- | M] () - C:\WINDOWS\System32\FNTCACHE.DAT
    [08/25/2008 06:34 PM | 00,073,451 | ---- | M] () - C:\WINDOWS\System32\nvapps.xml
    [08/25/2008 06:34 PM | 00,001,158 | ---- | M] () - C:\WINDOWS\System32\wpa.dbl
    [08/13/2008 10:09 PM | -H-D | M] - C:\WINDOWS\$hf_mig$
    [08/25/2008 06:33 PM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat
    [07/26/2008 10:38 PM | 00,003,566 | ---- | M] () - C:\WINDOWS\cdplayer.ini
    [08/16/2008 04:29 PM | ---D | M] - C:\WINDOWS\Debug
    [08/13/2008 09:20 PM | --SD | M] - C:\WINDOWS\Downloaded Program Files
    [08/13/2008 09:18 PM | ---D | M] - C:\WINDOWS\ERDNT
    [08/24/2008 10:23 PM | R-SD | M] - C:\WINDOWS\Fonts
    [08/18/2008 11:45 PM | -H-D | M] - C:\WINDOWS\inf
    [08/24/2008 10:25 PM | -HSD | M] - C:\WINDOWS\Installer
    [08/16/2008 04:29 PM | ---D | M] - C:\WINDOWS\Minidump
    [08/24/2008 10:34 PM | 00,000,116 | ---- | M] () - C:\WINDOWS\NeroDigital.ini
    [08/25/2008 07:54 PM | ---D | M] - C:\WINDOWS\Prefetch
    [08/25/2008 06:33 PM | ---D | M] - C:\WINDOWS\Registration
    [08/24/2008 02:49 PM | ---D | M] - C:\WINDOWS\security
    [08/25/2008 06:32 PM | ---D | M] - C:\WINDOWS\SxsCaPendDel
    [08/24/2008 10:24 PM | ---D | M] - C:\WINDOWS\system32
    [08/25/2008 06:36 PM | ---D | M] - C:\WINDOWS\temp
    [08/25/2008 06:38 PM | 00,000,949 | ---- | M] () - C:\WINDOWS\win.ini
    [08/24/2008 10:25 PM | ---D | M] - C:\WINDOWS\WinSxS
    [08/25/2008 06:33 PM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT
    [08/16/2008 06:04 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\Avira
    [08/24/2008 01:09 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [08/24/2008 01:07 PM | --SD | M] - C:\Documents and Settings\All Users\Application Data\Microsoft
    [08/24/2008 10:24 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\Microsoft Help
    [08/24/2008 02:53 PM | ---D | M] - C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    [08/24/2008 01:07 PM | ---D | M] - C:\Documents and Settings\YANN\Application Data\Lavasoft
    [08/24/2008 01:09 PM | ---D | M] - C:\Documents and Settings\YANN\Application Data\Malwarebytes
    [08/15/2008 10:49 AM | ---D | M] - C:\Documents and Settings\YANN\Application Data\U3
    [08/25/2008 06:36 PM | ---D | M] - C:\Documents and Settings\YANN\Local Settings\Application Data\ApplicationHistory
    [08/19/2008 08:25 PM | 00,096,256 | ---- | M] () - C:\Documents and Settings\YANN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [08/25/2008 06:35 PM | 00,092,672 | ---- | M] () - C:\Documents and Settings\YANN\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    [08/17/2008 08:44 PM | 01,575,556 | -H-- | M] () - C:\Documents and Settings\YANN\Local Settings\Application Data\IconCache.db
    [07/26/2008 10:37 PM | ---D | M] - C:\Documents and Settings\YANN\Local Settings\Application Data\Microsoft
    [08/10/2008 08:32 PM | ---D | M] - C:\Documents and Settings\YANN\Mes documents\Fichier Word
    [08/11/2008 10:37 PM | R--D | M] - C:\Documents and Settings\YANN\Mes documents\Ma musique
    [08/01/2008 06:28 PM | RH-D | M] - C:\Documents and Settings\YANN\Mes documents\Mes archives de conversations
    [08/25/2008 07:01 PM | 00,000,579 | ---- | M] () - C:\Documents and Settings\YANN\Mes documents\Mes dossiers de partage.lnk
    [08/10/2008 08:41 PM | R--D | M] - C:\Documents and Settings\YANN\Mes documents\Mes images
    [08/24/2008 01:09 PM | 00,000,696 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
    [08/14/2008 08:21 PM | 00,000,630 | ---- | M] () - C:\Documents and Settings\All Users\Bureau\Navilog1.lnk
    [08/12/2008 09:45 PM | 00,001,734 | ---- | M] () - C:\Documents and Settings\YANN\Bureau\HijackThis.lnk
    [08/16/2008 04:46 PM | ---D | M] - C:\Documents and Settings\YANN\Bureau\Jeux
    [08/25/2008 07:54 PM | 01,299,968 | ---- | M] (OldTimer Tools) - C:\Documents and Settings\YANN\Bureau\OTViewIt.exe
    [08/24/2008 01:11 PM | 00,000,933 | ---- | M] () - C:\Documents and Settings\YANN\Bureau\Spybot - Search & Destroy.lnk
    [07/28/2008 07:29 PM | 00,000,016 | ---- | M] () - C:\Documents and Settings\YANN\Bureau\WarcraftIIIAutoRefresh_Config.dat
    [08/24/2008 10:24 PM | ---D | M] - C:\Program Files\Fichiers communs\Microsoft Shared
    [08/24/2008 10:17 PM | ---D | M] - C:\Program Files\Fichiers communs\System

    < End of report >
    25 August 2008 19:57:06

    OTViewIt Extras logfile created on: 25/08/2008 19:54:49 - Run 1
    OTViewIt by OldTimer - Version 1.0.0.11 Folder = C:\Documents and Settings\YANN\Bureau
    Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.2180)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    767,48 Mb Total Physical Memory | 406,52 Mb Available Physical Memory | 52,97% Memory free
    1,83 Gb Paging File | 1,32 Gb Available in Paging File | 72,14% Paging File free
    Paging file location(s): C:\pagefile.sys 1152 2304;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 48,83 Gb Total Space | 14,57 Gb Free Space | 29,83% Space Free | Partition Type: NTFS
    Drive D: | 113,76 Gb Total Space | 21,06 Gb Free Space | 18,51% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive K: | 64,45 Gb Total Space | 34,86 Gb Free Space | 54,09% Space Free | Partition Type: NTFS

    ===== File Associations =====

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] - File not found -
    .cmd [@ = cmdfile] - File not found -
    .com [@ = comfile] - File not found -
    .exe [@ = exefile] - File not found -
    .html [@ = FirefoxHTML] - [07/08/2008 07:12 PM | 07,191,149 | ---- | M] (Mozilla Corporation) - C:\Program Files\Mozilla Firefox\firefox.exe
    .pif [@ = piffile] - File not found -
    .scr [@ = scrfile] - File not found -

    ===== Uninstall List =====

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0CB98AC0-D691-4B21-AD3D-95982517021D}" = Acer WLAN 11g USB Dongle
    "{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}" = Security Update for CAPICOM (KB931906)
    "{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
    "{236BB7C4-4419-42FD-040C-2E257A25E34D}" = Adobe Photoshop CS2
    "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
    "{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
    "{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
    "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
    "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
    "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
    "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
    "{38C65D12-79E3-49C0-B211-DE3BE0A7AB39}" = commercial
    "{38E0C491-5230-4373-B62E-F1A6E94B1036}" = Nero 7 Ultra Edition
    "{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}" = Skype Plugin Manager
    "{4312AB5F-7C43-461E-B48B-EDFA6B9CD3D6}" = Kptic
    "{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
    "{7057702F-6D71-4F30-8000-9E72BC771887}" = Acer ePerformance Management
    "{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
    "{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
    "{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
    "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
    "{9A9DBEBC-C800-4776-A970-D76D6AA405B1}" = PHOTOfunSTUDIO -viewer-
    "{A260B422-70E1-41E2-957D-F76FA21266D5}" = Apple Software Update
    "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
    "{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
    "{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Assistant de connexion Windows Live
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
    "{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
    "{BADF6744-3787-48F6-B8C9-4C4995401D65}" = Windows Live Messenger
    "{C04E32E0-0416-434D-AFB9-6969D703A9EF}" = MSXML 4.0 SP2 (KB936181)
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
    "{D755C7A3-C03E-4460-8C00-AC6E55505FB5}" = LightScribe 1.4.74.1
    "{E0F252A6-DE85-4E93-A93B-DFC3537B3965}" = NETGEAR WG111v2 wireless USB 2.0 adapter
    "{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
    "{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
    "{EF1B5DF7-8DF5-4D38-BFF0-FDC7B7847C00}" = Logiciel QuickCam de Logitech
    "{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer
    "3BEF1AFDE8303306594E2ADA27520E6E700820AE" = Package de pilotes Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
    "Adobe Flash Player Plugin" = Adobe Flash Player Plugin
    "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-040C-2E257A25E34D}" = Adobe Photoshop CS2
    "Adobe Shockwave Player" = Adobe Shockwave Player
    "Age of Empires 2.0" = Microsoft Age of Empires II
    "Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II : The Conquerors Expansion
    "AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
    "Audacity_is1" = Audacity 1.2.6
    "AVGAntiSpyware75" = AVG Anti-Spyware 7.5
    "Blender" = Blender (remove only)
    "CCleaner" = CCleaner (remove only)
    "Client_Fix_1.9.2" = Client Hack 1.9.2d
    "Counter-Strike Source" = Counter-Strike Source
    "dBpoweramp Music Converter" = dBpoweramp Music Converter
    "Diablo II" = Diablo II
    "F3B506E1FDAEA4DC6669B53B2D3F0B68FBA20C2D" = Package de pilotes Windows - AMD System (04/06/2006 1.0.1.0)
    "GoldWave v5.22" = GoldWave v5.22
    "Guild Wars" = GUILD WARS
    "HijackThis" = HijackThis 2.0.2
    "InstallShield_{0CB98AC0-D691-4B21-AD3D-95982517021D}" = Acer WLAN 11g USB Dongle
    "InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
    "InstallShield_{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
    "InstallShield_{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management 2.0.3077
    "InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
    "InstallShield_{E0F252A6-DE85-4E93-A93B-DFC3537B3965}" = NETGEAR WG111v2 wireless USB 2.0 adapter
    "Kaspersky Online Scanner" = Kaspersky Online Scanner
    "KB867282" = Correctif Windows XP - KB867282
    "KB873333" = Correctif Windows XP - KB873333
    "KB873339" = Correctif Windows XP - KB873339
    "KB883939" = Mise à jour de sécurité pour Windows XP (KB883939)
    "KB885250" = Correctif Windows XP - KB885250
    "KB885835" = Correctif Windows XP - KB885835
    "KB885836" = Correctif Windows XP - KB885836
    "KB886185" = Correctif Windows XP - KB886185
    "KB887472" = Correctif Windows XP - KB887472
    "KB887998" = Microsoft .NET Framework 1.0 Hotfix (KB887998)
    "KB888111WXPSP2" = High Definition Audio Driver Package - KB888111
    "KB888113" = Correctif Windows XP - KB888113
    "KB888239" = Correctif Windows XP - KB888239
    "KB888302" = Correctif Windows XP - KB888302
    "KB888795" = Correctif pour Windows XP (KB888795)
    "KB890046" = Mise à jour de sécurité pour Windows XP (KB890046)
    "KB890047" = Correctif Windows XP - KB890047
    "KB890175" = Correctif Windows XP - KB890175
    "KB890859" = Correctif Windows XP - KB890859
    "KB890923" = Correctif Windows XP - KB890923
    "KB891593" = Correctif pour Windows XP (KB891593)
    "KB891781" = Correctif Windows XP - KB891781
    "KB893086" = Correctif Windows XP - KB893086
    "KB893357" = Correctif pour Windows XP (KB893357)
    "KB893756" = Mise à jour de sécurité pour Windows XP (KB893756)
    "KB893803v2" = Windows Installer 3.1 (KB893803)
    "KB894391" = Mise à jour pour Windows XP (KB894391)
    "KB895961" = Correctif Windows XP - KB895961
    "KB896256" = Correctif pour Windows XP (KB896256)
    "KB896358" = Mise à jour de sécurité pour Windows XP (KB896358)
    "KB896422" = Mise à jour de sécurité pour Windows XP (KB896422)
    "KB896423" = Mise à jour de sécurité pour Windows XP (KB896423)
    "KB896424" = Mise à jour de sécurité pour Windows XP (KB896424)
    "KB896428" = Mise à jour de sécurité pour Windows XP (KB896428)
    "KB896727" = Mise à jour pour Windows XP (KB896727)
    "KB898444" = Correctif pour Windows XP (KB898444)
    "KB898458" = Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
    "KB898461" = Mise à jour pour Windows XP (KB898461)
    "KB899337" = Correctif pour Windows XP (KB899337)
    "KB899510" = Correctif pour Windows XP (KB899510)
    "KB899587" = Mise à jour de sécurité pour Windows XP (KB899587)
    "KB899588" = Mise à jour de sécurité pour Windows XP (KB899588)
    "KB899589" = Mise à jour de sécurité pour Windows XP (KB899589)
    "KB899591" = Mise à jour de sécurité pour Windows XP (KB899591)
    "KB900325" = Correctif n° 2 pour Windows XP Édition Media Center 2005
    "KB900485" = Mise à jour pour Windows XP (KB900485)
    "KB900725" = Mise à jour de sécurité pour Windows XP (KB900725)
    "KB901017" = Mise à jour de sécurité pour Windows XP (KB901017)
    "KB901190" = Mise à jour de sécurité pour Windows XP (KB901190)
    "KB901214" = Mise à jour de sécurité pour Windows XP (KB901214)
    "KB902400" = Mise à jour de sécurité pour Windows XP (KB902400)
    "KB902841" = Correctif pour Windows XP (KB902841)
    "KB903157" = Hotfix for Windows Media Player 10 (KB903157)
    "KB903235" = Mise à jour de sécurité pour Windows XP (KB903235)
    "KB904706" = Mise à jour de sécurité pour Windows XP (KB904706)
    "KB905414" = Mise à jour de sécurité pour Windows XP (KB905414)
    "KB905749" = Mise à jour de sécurité pour Windows XP (KB905749)
    "KB905915" = Mise à jour de sécurité pour Windows XP (KB905915)
    "KB906569" = Correctif pour Windows XP (KB906569)
    "KB908246" = Windows XP Media Center Edition 2005 KB908246
    "KB908519" = Mise à jour de sécurité pour Windows XP (KB908519)
    "KB908531" = Mise à jour de sécurité pour Windows XP (KB908531)
    "KB910393" = Mise à jour pour Lecteur Windows Media 10 (KB910393)
    "KB910437" = Mise à jour pour Windows XP (KB910437)
    "KB911280" = Mise à jour pour Windows XP (KB911280)
    "KB911562" = Mise à jour de sécurité pour Windows XP (KB911562)
    "KB911564" = Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
    "KB911565" = Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)
    "KB911567" = Mise à jour de sécurité pour Windows XP (KB911567)
    "KB911927" = Mise à jour de sécurité pour Windows XP (KB911927)
    "KB912812" = Mise à jour de sécurité pour Windows XP (KB912812)
    "KB912919" = Mise à jour de sécurité pour Windows XP (KB912919)
    "KB912945" = Mise à jour pour Windows XP (KB912945)
    "KB913433" = Mise à jour de sécurité pour Windows XP (KB913433)
    "KB913446" = Mise à jour de sécurité pour Windows XP (KB913446)
    "KB913580" = Mise à jour de sécurité pour Windows XP (KB913580)
    "KB913800" = Mise à jour pour Lecteur Windows Media 10 (KB913800)
    "KB914388" = Mise à jour de sécurité pour Windows XP (KB914388)
    "KB914389" = Mise à jour de sécurité pour Windows XP (KB914389)
    "KB916595" = Mise à jour pour Windows XP (KB916595)
    "KB917344" = Mise à jour de sécurité pour Windows XP (KB917344)
    "KB917422" = Mise à jour de sécurité pour Windows XP (KB917422)
    "KB917734_WMP10" = Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)
    "KB917953" = Mise à jour de sécurité pour Windows XP (KB917953)
    "KB918118" = Mise à jour de sécurité pour Windows XP (KB918118)
    "KB918439" = Mise à jour de sécurité pour Windows XP (KB918439)
    "KB919007" = Mise à jour de sécurité pour Windows XP (KB919007)
    "KB920213" = Mise à jour de sécurité pour Windows XP (KB920213)
    "KB920670" = Mise à jour de sécurité pour Windows XP (KB920670)
    "KB920683" = Mise à jour de sécurité pour Windows XP (KB920683)
    "KB920685" = Mise à jour de sécurité pour Windows XP (KB920685)
    "KB920872" = Mise à jour pour Windows XP (KB920872)
    "KB921398" = Mise à jour de sécurité pour Windows XP (KB921398)
    "KB921503" = Mise à jour de sécurité pour Windows XP (KB921503)
    "KB922582" = Mise à jour pour Windows XP (KB922582)
    "KB922616" = Mise à jour de sécurité pour Windows XP (KB922616)
    "KB922819" = Mise à jour de sécurité pour Windows XP (KB922819)
    "KB923191" = Mise à jour de sécurité pour Windows XP (KB923191)
    "KB923414" = Mise à jour de sécurité pour Windows XP (KB923414)
    "KB923689" = Mise à jour de sécurité pour Windows XP (KB923689)
    "KB923694" = Mise à jour de sécurité pour Windows XP (KB923694)
    "KB923980" = Mise à jour de sécurité pour Windows XP (KB923980)
    "KB924191" = Mise à jour de sécurité pour Windows XP (KB924191)
    "KB924270" = Mise à jour de sécurité pour Windows XP (KB924270)
    "KB924496" = Mise à jour de sécurité pour Windows XP (KB924496)
    "KB924667" = Mise à jour de sécurité pour Windows XP (KB924667)
    "KB925398_WMP64" = Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)
    "KB925454" = Mise à jour de sécurité pour Windows XP (KB925454)
    "KB925486" = Mise à jour de sécurité pour Windows XP (KB925486)
    "KB925766" = Windows XP Media Center Edition 2005 KB925766
    "KB925902" = Mise à jour de sécurité pour Windows XP (KB925902)
    "KB926239" = Hotfix for Windows XP (KB926239)
    "KB926251" = Mise à jour pour Lecteur Windows Media 10 (KB926251)
    "KB926255" = Mise à jour de sécurité pour Windows XP (KB926255)
    "KB926436" = Mise à jour de sécurité pour Windows XP (KB926436)
    "KB927779" = Mise à jour de sécurité pour Windows XP (KB927779)
    "KB927802" = Mise à jour de sécurité pour Windows XP (KB927802)
    "KB927891" = Mise à jour pour Windows XP (KB927891)
    "KB928090" = Mise à jour de sécurité pour Windows XP (KB928090)
    "KB928255" = Mise à jour de sécurité pour Windows XP (KB928255)
    "KB928843" = Mise à jour de sécurité pour Windows XP (KB928843)
    "KB929123" = Mise à jour de sécurité pour Windows XP (KB929123)
    "KB929338" = Mise à jour pour Windows XP (KB929338)
    "KB929399" = Hotfix for Windows Media Format 11 SDK (KB929399)
    "KB929969" = Mise à jour de sécurité pour Windows XP (KB929969)
    "KB930178" = Mise à jour de sécurité pour Windows XP (KB930178)
    "KB930494" = Microsoft .NET Framework 1.0 Hotfix (KB930494)
    "KB930916" = Mise à jour pour Windows XP (KB930916)
    "KB931261" = Mise à jour de sécurité pour Windows XP (KB931261)
    "KB931768" = Mise à jour de sécurité pour Windows XP (KB931768)
    "KB931784" = Mise à jour de sécurité pour Windows XP (KB931784)
    "KB931836" = Mise à jour pour Windows XP (KB931836)
    "KB931906" = Security Update for CAPICOM (KB931906)
    "KB932168" = Mise à jour de sécurité pour Windows XP (KB932168)
    "KB933360" = Mise à jour pour Windows XP (KB933360)
    "KB933566" = Mise à jour de sécurité pour Windows XP (KB933566)
    "KB933729" = Mise à jour de sécurité pour Windows XP (KB933729)
    "KB935448" = Correctif pour Windows XP (KB935448)
    "KB935839" = Mise à jour de sécurité pour Windows XP (KB935839)
    "KB935840" = Mise à jour de sécurité pour Windows XP (KB935840)
    "KB936021" = Mise à jour de sécurité pour Windows XP (KB936021)
    "KB936782_WMP11" = Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)
    "KB937143" = Mise à jour de sécurité pour Windows XP (KB937143)
    "KB937894" = Mise à jour de sécurité pour Windows XP (KB937894)
    "KB938127" = Mise à jour de sécurité pour Windows XP (KB938127)
    "KB938828" = Mise à jour pour Windows XP (KB938828)
    "KB938829" = Mise à jour de sécurité pour Windows XP (KB938829)
    "KB939653" = Mise à jour de sécurité pour Windows XP (KB939653)
    "KB939683" = Correctif pour Lecteur Windows Media 11 (KB939683)
    "KB941202" = Mise à jour de sécurité pour Windows XP (KB941202)
    "KB941568" = Mise à jour de sécurité pour Windows XP (KB941568)
    "KB941569" = Mise à jour de sécurité pour Windows XP (KB941569)
    "KB941644" = Mise à jour de sécurité pour Windows XP (KB941644)
    "KB941693" = Mise à jour de sécurité pour Windows XP (KB941693)
    "KB942615" = Mise à jour de sécurité pour Windows XP (KB942615)
    "KB942763" = Mise à jour pour Windows XP (KB942763)
    "KB942840" = Mise à jour pour Windows XP (KB942840)
    "KB943055" = Mise à jour de sécurité pour Windows XP (KB943055)
    "KB943460" = Mise à jour de sécurité pour Windows XP (KB943460)
    "KB943485" = Mise à jour de sécurité pour Windows XP (KB943485)
    "KB944338" = Mise à jour de sécurité pour Windows XP (KB944338)
    "KB944533" = Mise à jour de sécurité pour Windows XP (KB944533)
    "KB944653" = Mise à jour de sécurité pour Windows XP (KB944653)
    "KB945553" = Mise à jour de sécurité pour Windows XP (KB945553)
    "KB946026" = Mise à jour de sécurité pour Windows XP (KB946026)
    "KB946627" = Mise à jour pour Windows XP (KB946627)
    "KB946648" = Mise à jour de sécurité pour Windows XP (KB946648)
    "KB947864" = Mise à jour de sécurité pour Windows XP (KB947864)
    "KB948590" = Mise à jour de sécurité pour Windows XP (KB948590)
    "KB948881" = Mise à jour de sécurité pour Windows XP (KB948881)
    "KB950749" = Mise à jour de sécurité pour Windows XP (KB950749)
    "KB950759" = Mise à jour de sécurité pour Windows XP (KB950759)
    "KB950760" = Mise à jour de sécurité pour Windows XP (KB950760)
    "KB950762" = Mise à jour de sécurité pour Windows XP (KB950762)
    "KB950974" = Mise à jour de sécurité pour Windows XP (KB950974)
    "KB951066" = Mise à jour de sécurité pour Windows XP (KB951066)
    "KB951072-v2" = Mise à jour pour Windows XP (KB951072-v2)
    "KB951376-v2" = Mise à jour de sécurité pour Windows XP (KB951376-v2)
    "KB951698" = Mise à jour de sécurité pour Windows XP (KB951698)
    "KB951748" = Mise à jour de sécurité pour Windows XP (KB951748)
    "KB952287" = Correctif pour Windows XP (KB952287)
    "KB952954" = Mise à jour de sécurité pour Windows XP (KB952954)
    "KB953838" = Mise à jour de sécurité pour Windows XP (KB953838)
    "KB953839" = Mise à jour de sécurité pour Windows XP (KB953839)
    "KC Softwares VideoInspector_is1" = KC Softwares VideoInspector
    "Keycraft" = Keycraft (remove only)
    "KLiteCodecPack_is1" = K-Lite Codec Pack 2.71 Full
    "LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
    "Ludiclub.com" = Ludiclub.com
    "M928366" = Microsoft .NET Framework 1.1 Hotfix (KB928366)
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "MEDUSA" = MEDUSA - Subtitling Station (remove only)
    "Messenger Plus! Live" = Messenger Plus! Live
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "mIRC" = mIRC
    "Mozilla Firefox (1.5)" = Mozilla Firefox (1.5)
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "MsgPlus! Plugin" = Messenger Plus! 3
    "MSNINST" = MSN
    "Navilog1_is1" = Navilog1 3.6.3
    "NVIDIA Drivers" = NVIDIA Drivers
    "OcaHistoryUpd" = OCA Client history tool install
    "Pharaoh" = Pharaon
    "PokerStars" = PokerStars
    "QcDrv" = Programme de gestion Camera de Logitech
    "RealPlayer 6.0" = RealOne Player
    "ShockwaveFlash" = Adobe Flash Player 9 ActiveX
    "Skype_is1" = Skype 3.0
    "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
    "Starcraft" = Starcraft
    "Steam" = Steam
    "SUPER ©" = SUPER © Version 2007.bld.22 (Mar 14, 2007)
    "Switch" = Switch
    "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
    "VLC media player" = VideoLAN VLC media player 0.8.4a
    "Warkeys" = Warkeys 1.3.1.0b
    "WgaNotify" = Windows Genuine Advantage Notifications (KB905474)
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media 11
    "WinRAR archiver" = Archiveur WinRAR
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "World of Warcraft" = World of Warcraft
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "Xilisoft MP4 Converter" = Xilisoft MP4 Converter
    "Yahoo! Toolbar" = Yahoo! Toolbar
    "YInstHelper" = Yahoo! Install Manager

    ===== Uninstall List =====

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Steam App 80" = Condition Zero
    "Warcraft III" = Warcraft III: All Products

    ===== Winsock2 Catalogs =====

    ===== Protocol Defaults =====


    ===== Protocol Defaults =====


    ===== Protocol Handlers =====

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
    ipp: [HKLM - No CLSID value]
    msdaipp: [HKLM - No CLSID value]

    skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM - IEProtocolHandler Class]
    [11/01/2006 04:21 PM | 01,783,384 | R--- | M] (Skype Technologies) C:\Program Files\Fichiers communs\Skype\Skype4COM.dll

    ===== Protocol Filters =====

    < End of report >
    25 August 2008 22:19:59

    Hi again,

    1) I recommend installing a firewall to strengthen your PC's security, unless that's already done.

    I recommend uninstalling Ad-aware, it's not great; use Spybot Search and Destroy instead for resident protection and Malwarebytes' Anti-Malware for weekly scans.

    2) Download JavaRa.zip by Paul 'Prm753' McLain and Fred de Vries.
  • Extract the file to the desktop (right-click > Extraire tout, i.e. Extract All)
  • Double-click the JavaRa folder.
  • Then double-click the JavaRa.exe file (the .exe extension may not be displayed)
  • Click Search For Updates.
  • Select Update Using jucheck.exe, then click Search.
  • Allow the process to connect if it asks, click Install and follow the installation instructions, which take a few minutes.
  • Once the installation is finished, return to the JavaRa screen and click Remove Older Versions.
  • Click Oui (Yes) to confirm. Let it work, then click Ok, and then Ok a second time.
  • A report will open; copy and paste it into your next reply.
  • Close the application
    Note: the report is also saved at the root of the system partition, usually C:\, under the name JavaRa.log

    3) Download ATF Cleaner to your Desktop.

  • Double-click ATF-Cleaner.exe to launch the program.
  • Click Select All at the bottom of the list.
  • Click the Empty Selected button.

    If you use the Firefox browser, also do this:
  • Click Firefox at the top and choose Select All in the list.
  • Click the Empty Selected button.
  • NOTE: If you want to keep your saved passwords, click No in the warning message.

    If you use the Opera browser, also do this:
  • Click Opera at the top and choose Select All in the list.
  • Close ALL Internet browsers (very important).
  • Click the Empty Selected button.
  • NOTE: If you want to keep your saved passwords, click No in the warning message.
    Click Exit in the main menu to close the program.

    4) Post a new HijackThis report and tell me how the PC is doing.

    Still having problems?

    ;) 
    27 August 2008 20:57:22

    JavaRa 1.11 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Wed Aug 27 20:56:28 2008

    Found and removed: C:\Program Files\Java\jre1.5.0_06

    Found and removed: C:\Program Files\Java\jre1.5.0_10

    Found and removed: C:\Program Files\Java\jre1.5.0_11

    Found and removed: C:\Program Files\Java\jre1.6.0_01

    Found and removed: C:\Program Files\Java\jre1.6.0_02

    Found and removed: C:\Program Files\Java\jre1.6.0_03

    Found and removed: C:\Program Files\Java\jre1.6.0_05

    Found and removed: Software\JavaSoft\Java2D\1.5.0_06

    Found and removed: Software\JavaSoft\Java2D\1.5.0_10

    Found and removed: Software\JavaSoft\Java2D\1.5.0_11

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

    Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510006

    Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511000

    Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511001

    Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510006

    Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511000


    JavaRa 1.11 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Wed Aug 27 20:57:11 2008

    ------------------------------------

    Finished reporting.



    27 August 2008 21:00:48

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:59:03, on 27/08/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\WINDOWS\system32\SysMonitor.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet\FlashGet.exe" /min
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Steam] K:\Steam\Steam.exe -silent
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Warkeys Update.lnk = C:\Program Files\Warkeys\update\Warkeys Update.exe
    O4 - Global Startup: Acer Empowering Technology.lnk = ?
    O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    --
    End of file - 11582 bytes



    Still the same problem: when I want to delete something, the first time it takes a while before asking me whether I really want to delete it; once I have deleted something, for the following ones it opens instantly, so I don't understand, they aren't even big folders...
    30 August 2008 12:39:33

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:39:11, on 30/08/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\WINDOWS\system32\SysMonitor.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet\FlashGet.exe" /min
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Steam] K:\Steam\Steam.exe -silent
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Warkeys Update.lnk = C:\Program Files\Warkeys\update\Warkeys Update.exe
    O4 - Global Startup: Acer Empowering Technology.lnk = ?
    O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

    --
    End of file - 11374 bytes
    5 September 2008 22:30:11

    Hello? The problem isn't solved :( ...
    5 September 2008 22:40:59

    Good evening,
    I'm filling in for Egwene (temporarily away).

    1

    Open Spybot, click the Mode tab and choose Advanced Mode (Mode Avancé).
    Ignore the warning.
    At the bottom left, click Tools (Outils).
    Still in the left-hand column, click Resident (Résident), not in the central window.
    Then uncheck the Resident "TeaTimer" option.


    2
    Run HijackThis with "Do a system scan only".
    Check the following lines if they are still present, and only those.

    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)


    Click Fix checked (bottom left).

    3

    Update Internet Explorer.

    4

    Run an online antivirus scan on the Kaspersky site:
    http://www.kaspersky.com/kos/eng/partner/default/kavweb...

    * Click Accept.
    * A yellow bar will ask whether you agree to install Kavwebscan_Unicode.cab; install the ActiveX control.
    * Click "Accept" once more.
    * The update databases will install; wait a moment.
    * Click Next.
    * Click My Computer; the scan starts. Wait for it to finish without closing the window, otherwise it will stop.
    * Post the scan report.
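
The four lines listed in step 2 all end in "(file missing)" or "(no file)". As an added example (not part of the original post and not HijackThis code), this parser lists such orphaned entries from a log by section; the sample lines are copied from the log posted above, and limiting the fix list to sections O2/O3 is an assumption chosen to reproduce the selection in step 2.

```python
import re
from collections import defaultdict

# Constructed sample: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
"""

# An entry line starts with a section code (R0-R3, F0-F3, O1-O24) and " - ".
ENTRY_RE = re.compile(r"^\s*(?P<section>[ROF]\d{1,2})\s+-\s+(?P<body>.+?)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Suffixes HijackThis appends when the registered target is absent.
ORPHAN_MARKERS = ("(file missing)", "(no file)")


def parse_entry(line):
    """Return a dict for a HijackThis entry line, or None for any other line."""
    match = ENTRY_RE.match(line)
    if match is None:
        return None
    body = match.group("body")
    clsid = CLSID_RE.search(body)
    marker = next((m for m in ORPHAN_MARKERS if body.endswith(m)), None)
    return {
        "section": match.group("section"),
        "clsid": clsid.group(0).upper() if clsid else None,
        "marker": marker,          # None when the target file is present
        "raw": line.strip(),
    }


def orphaned_entries(log_text):
    """Group entries whose target file is reported absent, keyed by section."""
    found = defaultdict(list)
    for line in log_text.splitlines():
        entry = parse_entry(line)
        if entry and entry["marker"]:
            found[entry["section"]].append(entry)
    return dict(found)


def fix_candidates(log_text, sections=("O2", "O3")):
    """Raw lines of orphaned entries in the given sections.

    Assumption: the default (O2 = BHO, O3 = toolbar) mirrors the lines
    listed in step 2; orphans in other sections are reported separately
    by orphaned_entries() and are left for a human to judge.
    """
    orphans = orphaned_entries(log_text)
    return [e["raw"] for s in sections for e in orphans.get(s, [])]


if __name__ == "__main__":
    for section, entries in orphaned_entries(SAMPLE_LOG).items():
        for e in entries:
            print(section, e["clsid"], e["marker"])
    print("--- O2/O3 lines to review before 'Fix checked' ---")
    for raw in fix_candidates(SAMPLE_LOG):
        print(raw)
```

Orphans in other sections, such as the R3 and O23 lines in the sample, are reported by `orphaned_entries` but are not included in the O2/O3 list.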
    7 September 2008 22:33:17

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Sunday, September 7, 2008
    Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Sunday, September 07, 2008 16:13:46
    Records in database: 1200548
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    C:\
    D:\
    E:\
    G:\
    H:\
    I:\
    J:\
    K:\
    M:\

    Scan statistics:
    Files scanned: 113773
    Threat name: 4
    Infected objects: 4
    Suspicious objects: 0
    Duration of the scan: 02:05:08


    File name / Threat name / Threats count
    C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.62 1
    C:\Program Files\Mozilla Firefox\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
    D:\Les installations\mirc616.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 1
    D:\Problème\clean\pskill.exe Infected: not-a-virus:RiskTool.Win32.PsKill.k 1

    The selected area was scanned.
    8 September 2008 20:43:33

    Good evening,
    it's OK.

    Remove all the programs installed for the disinfection.


    Please read this guide (PDF) to learn more about the risks of the Net.

    If you find this document interesting, feel free to pass it on to your contacts.

    If you're tired of being bombarded with ads while browsing, install a secured Firefox with the NoScript and Adblock Plus extensions.

    Edit your first message (by clicking the eraser) and mark [résolu] ("solved") in the title.

    :hello:
    8 September 2008 21:44:08

    The problem is that it isn't OK... :( .
    Thanks for all the help provided.
    9 September 2008 21:10:36

    Good evening,
    explain what's wrong.
    9 September 2008 21:45:30

    Well, I have severe slowdowns.
    When I want to delete something or copy something, sometimes even just to switch from one window to another, or in media players, it sometimes takes up to 30 seconds, whereas before it was almost instantaneous...
    9 September 2008 21:59:23

    Hi again,
    let's check something.
    Disable your antivirus and any other kind of protection.
    Download ComboFix by sUBs:
    ComboFix.exe
    and save it to your desktop and nowhere else!

    Double-click ComboFix. It will ask you a question; follow the prompts, then wait until ComboFix has finished. Your PC may reboot, which is normal. A report will be created. Post the report: C:\Combofix.txt
    Click it to open it, then Edit > "Select All", Edit > "Copy".

    Come to the forum and Edit > "Paste".

    Add a new HijackThis report.
    9 September 2008 22:20:47

    No report is produced by ComboFix :(
    => Oh yes, there is, but under the name "Bug"


    PUSHD "C:\327882R2FWJFW\"

    IF NOT EXIST C:\WINDOWS\system32\cmd.exe GOTO Not_NT

    VER 1>temp00

    C:\WINDOWS\system32\FIND.exe "Microsoft Windows [Version 5.2.3790]" temp00 1>NULL

    IF NOT ERRORLEVEL 1 GOTO Not_NT

    C:\WINDOWS\system32\FIND.exe "Windows XP" temp00 1>NULL

    PV -o"%i\t%l" | SED "/\t.*\\nircmd\.inf$/!d; s///; s/./@pv -kfi &/" 1>temp00.bat

    CALL temp00.bat

    DEL temp00.bat temp00 2>NULL

    =============================================

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\YANN\Application Data
    CFLDR=327882R2FWJFW
    CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
    CommonProgramFiles=C:\Program Files\Fichiers communs
    COMPUTERNAME=YANN
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\YANN
    KMD=CF31438.exe
    LOGONSERVER=\\YANN
    NUMBER_OF_PROCESSORS=2
    OS=Windows_NT
    Path=C:\327882R2FWJFW;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\PROGRA~1\FICHIE~1\MUVEET~1\030625
    PATHEXT=.cfexe;.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=4b02
    ProgramFiles=C:\Program Files
    PROMPT=$
    QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
    SESSIONNAME=Console
    sfxname=C:\Documents and Settings\YANN\Bureau\ComboFix.exe
    SYSTEM=C:\WINDOWS\system32
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\YANN\LOCALS~1\Temp
    TMP=C:\DOCUME~1\YANN\LOCALS~1\Temp
    USERDOMAIN=YANN
    USERNAME=YANN
    USERPROFILE=C:\Documents and Settings\YANN
    windir=C:\WINDOWS

    =============================================


    IF NOT DEFINED sfxname GOTO END

    IF /I "C:\327882R2FWJFW" NEQ "C:\327882R2FWJFW" GOTO Abort

    IF EXIST "C:\DOCUME~1\YANN\LOCALS~1\Temp\327882R2FWJFW327882R2FWJFW.log" DEL "C:\DOCUME~1\YANN\LOCALS~1\Temp\327882R2FWJFW327882R2FWJFW.log"
    SteelWerX Extended Configuration Access Control Lists
    Written by Bobbi Flekman 2006 (C)
    Ownerchange for "C:\WINDOWS\system32\cmd.exe" to Administrators group was successful

    COPY /Y "C:\WINDOWS\system32\cmd.exe" "C:\WINDOWS\system32\CF31438.exe"
    1 fichier(s) copié(s).

    (
    SET "FileName=ComboFix"
    SET "FilePath=C:\Documents and Settings\YANN\Bureau\"
    )

    SET FileName 1>FileName 2>NULL

    GREP -isqx "FileName=[-[:alnum:]@.]*" FileName || (
    Nircmd infobox "You cannot rename ComboFix as ComboFix~n~nPlease use another name, preferbaly made up of alphanumeric characters" ""
    GOTO END
    )

    DIR /AD/B C:\* | FINDSTR -IVX ComboFix 1>dirname00

    FINDSTR -LIXC:"ComboFix" dirname00 1>NULL && CALL :NameChk
    9 September 2008 22:32:07

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:31:45, on 09/09/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\WINDOWS\system32\SysMonitor.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe
    C:\Program Files\Real\RealOne Player\RealPlay.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\cmd.exe
    C:\327882R2FWJFW\Findstr.cfexe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
    O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet\FlashGet.exe" /min
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Steam] K:\Steam\Steam.exe -silent
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Warkeys Update.lnk = C:\Program Files\Warkeys\update\Warkeys Update.exe
    O4 - Global Startup: Acer Empowering Technology.lnk = ?
    O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.ca...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

    --
    End of file - 11672 bytes
    10 September 2008 18:38:43

    Good evening,
    delete your copy of ComboFix.

    Make sure your antivirus is disabled, then download it again and rerun the tool.
    10 September 2008 18:55:02

    Still the same question, and still a "bug" file that appears...
    10 September 2008 18:59:03

    Hi again,
    let's try another way.

  • Download SystemScan from the SuspectFile team
  • Double-click it (ignore any alerts from your antivirus).
  • Click Unselect all
  • Check only these boxes:
    -Recent Files, days old 60 days
    and
    -hidden objects

  • Then click scan now and be patient.
  • Once it has finished, a report will open. Post it in full.
    10 September 2008 19:39:27

    SystemScan - www.suspectfile.com - ver. 3.5.5 (code: holifay & bReAkdOWn)

    Running on: Windows XP PROFESSIONAL Edition, Service Pack 2 (2600.5.1)
    System directory: C:\WINDOWS
    SystemScan file: C:\Documents and Settings\YANN\Bureau\sys60656.exe
    Running in: User mode
    Date: 10/09/2008
    Time: 19:36:21

    Output limited to:
    -Recent files
    -Hidden objects

    ===================== RECENT FILES =====================

    Showing files newer than 60 days

    ----- recent files in C:\
    20/07/2008 23:29:57 (DIR) 0 byte 52 days old -- Temp
    12/08/2008 22:03:37 (DIR) 0 byte 29 days old -- fixwareout
    13/08/2008 21:18:51 (DIR) 0 byte 28 days old -- Deckard
    10/09/2008 03:08:37 (DIR) 0 byte 0 days old -- Program Files
    10/09/2008 03:08:41 1207959552 byte 0 days old -- pagefile.sys
    10/09/2008 03:08:45 (DIR)804835328 byte 0 days old -- hiberfil.sys
    10/09/2008 13:58:03 (DIR) 0 byte 0 days old -- WINDOWS
    10/09/2008 18:52:39 (DIR) 0 byte 0 days old -- 327882R2FWJFW
    10/09/2008 18:52:39 3459 byte 0 days old -- Bug.txt

    ----- recent files in C:\WINDOWS\
    20/07/2008 23:10:25 356352 byte 52 days old -- eSellerateEngine.dll
    22/07/2008 09:07:06 4383 byte 50 days old -- mozver.dat
    23/07/2008 13:41:16 2829 byte 49 days old -- War3Unin.pif
    23/07/2008 13:41:16 139264 byte 49 days old -- War3Unin.exe
    23/07/2008 13:57:43 81249 byte 49 days old -- War3Unin.dat
    26/07/2008 22:38:04 3566 byte 46 days old -- cdplayer.ini
    13/08/2008 21:18:59 (DIR) 0 byte 28 days old -- ERDNT
    16/08/2008 16:29:44 (DIR) 0 byte 25 days old -- Minidump
    24/08/2008 14:49:15 166392 byte 17 days old -- ntbtlog.txt
    24/08/2008 14:49:32 (DIR) 0 byte 17 days old -- security
    24/08/2008 22:23:21 (DIR) 0 byte 17 days old -- Fonts
    25/08/2008 18:32:45 (DIR) 0 byte 16 days old -- SxsCaPendDel
    07/09/2008 12:43:09 (DIR) 0 byte 3 days old -- Debug
    07/09/2008 20:15:34 (DIR) 0 byte 3 days old -- $NtUninstallKB904942$
    07/09/2008 20:15:39 0 byte 3 days old -- setupact.log
    07/09/2008 20:15:39 0 byte 3 days old -- setuperr.log
    07/09/2008 20:15:44 15556 byte 3 days old -- KB904942.log
    07/09/2008 20:15:52 (DIR) 0 byte 3 days old -- $NtUninstallKB914440$
    07/09/2008 20:15:53 (DIR) 0 byte 3 days old -- network diagnostic
    07/09/2008 20:15:54 7435 byte 3 days old -- KB914440.log
    07/09/2008 20:19:21 (DIR) 0 byte 3 days old -- $NtUninstallKB915865$
    07/09/2008 20:20:00 8056 byte 3 days old -- KB915865.log
    07/09/2008 20:20:58 (DIR) 0 byte 3 days old -- $NtServicePackUninstallNLSDownlevelMapping$
    07/09/2008 20:21:16 9075 byte 3 days old -- NLSDownlevelMapping.log
    07/09/2008 20:21:37 (DIR) 0 byte 3 days old -- $NtServicePackUninstallIDNMitigationAPIs$
    07/09/2008 20:21:53 9308 byte 3 days old -- IDNMitigationAPIs.log
    07/09/2008 20:23:39 (DIR) 0 byte 3 days old -- ie7
    07/09/2008 20:24:09 (DIR) 0 byte 3 days old -- Media
    07/09/2008 20:24:21 (DIR) 0 byte 3 days old -- WBEM
    07/09/2008 20:24:41 60339 byte 3 days old -- ie7.log
    07/09/2008 20:26:26 (DIR) 0 byte 3 days old -- ie7updates
    07/09/2008 20:26:38 38514 byte 3 days old -- updspapi.log
    07/09/2008 20:27:00 76098 byte 3 days old -- KB953838-IE7.log
    07/09/2008 20:27:19 (DIR) 0 byte 3 days old -- msdownld.tmp
    07/09/2008 20:33:55 44803 byte 3 days old -- ie7_main.log
    08/09/2008 17:54:37 (DIR) 0 byte 2 days old -- Help
    08/09/2008 17:55:07 5883 byte 2 days old -- spupdsvc.log
    08/09/2008 22:24:41 (DIR) 0 byte 2 days old -- $NtUninstallKB932823-v3$
    08/09/2008 22:24:45 21714 byte 2 days old -- KB932823-v3.log
    08/09/2008 22:24:50 22409 byte 2 days old -- KB938127-IE7.log
    08/09/2008 22:24:54 12211 byte 2 days old -- KB938127-v2-IE7.log
    09/09/2008 16:22:37 (DIR) 0 byte 1 days old -- Installer
    09/09/2008 16:23:22 (DIR) 0 byte 1 days old -- Downloaded Program Files
    09/09/2008 16:24:59 2948 byte 1 days old -- OCA-X86Fre-ENU.-uninstall.log
    09/09/2008 18:54:11 57 byte 1 days old -- Bbt97.INI
    09/09/2008 21:25:19 48173 byte 1 days old -- setupapi.log
    09/09/2008 21:38:41 116 byte 1 days old -- NeroDigital.ini
    10/09/2008 03:00:29 (DIR) 0 byte 0 days old -- $NtUninstallKB954154_WM11$
    10/09/2008 03:00:33 6475 byte 0 days old -- KB954154.log
    10/09/2008 03:00:33 1374 byte 0 days old -- imsins.BAK
    10/09/2008 03:00:37 (DIR) 0 byte 0 days old -- $hf_mig$
    10/09/2008 03:00:53 (DIR) 0 byte 0 days old -- $NtUninstallKB938464$
    10/09/2008 03:00:54 24546 byte 0 days old -- msmqinst.log
    10/09/2008 03:00:54 (DIR) 0 byte 0 days old -- WinSxS
    10/09/2008 03:00:55 86214 byte 0 days old -- iis6.log
    10/09/2008 03:00:55 (DIR) 0 byte 0 days old -- inf
    10/09/2008 03:00:55 1374 byte 0 days old -- imsins.log
    10/09/2008 03:00:55 80063 byte 0 days old -- FaxSetup.log
    10/09/2008 03:00:55 36673 byte 0 days old -- tsoc.log
    10/09/2008 03:00:55 26852 byte 0 days old -- comsetup.log
    10/09/2008 03:00:55 4394 byte 0 days old -- ehOCGen.log
    10/09/2008 03:00:55 4043 byte 0 days old -- tabletoc.log
    10/09/2008 03:00:55 16223 byte 0 days old -- ntdtcsetup.log
    10/09/2008 03:00:55 11298 byte 0 days old -- KB938464.log
    10/09/2008 03:00:55 37908 byte 0 days old -- ocgen.log
    10/09/2008 03:00:55 4017 byte 0 days old -- msgsocm.log
    10/09/2008 03:00:55 5590 byte 0 days old -- MedCtrOC.log
    10/09/2008 03:00:55 14079 byte 0 days old -- netfxocm.log
    10/09/2008 03:00:55 8957 byte 0 days old -- plusoc.log
    10/09/2008 03:00:55 4446 byte 0 days old -- ocmsn.log
    10/09/2008 03:07:46 32532 byte 0 days old -- SchedLgU.Txt
    10/09/2008 03:08:49 2048 byte 0 days old -- bootstat.dat
    10/09/2008 03:09:14 50 byte 0 days old -- wiaservc.log
    10/09/2008 03:09:15 159 byte 0 days old -- wiadebug.log
    10/09/2008 03:09:21 (DIR) 0 byte 0 days old -- Registration
    10/09/2008 03:10:03 0 byte 0 days old -- 0.log
    10/09/2008 13:58:06 105502 byte 0 days old -- RTacDbg.txt
    10/09/2008 13:58:29 931 byte 0 days old -- win.ini
    10/09/2008 18:48:34 1265286 byte 0 days old -- WindowsUpdate.log
    10/09/2008 18:52:38 (DIR) 0 byte 0 days old -- system32
    10/09/2008 19:35:42 (DIR) 0 byte 0 days old -- Prefetch
    10/09/2008 19:35:45 (DIR) 0 byte 0 days old -- temp

    ----- recent files in C:\WINDOWS\Downloaded Program Files\

    ----- recent files in C:\WINDOWS\system\

    ----- recent files in C:\WINDOWS\system32\
    14/07/2008 13:09:18 62976 byte 58 days old -- tzchange.exe
    18/07/2008 13:50:44 23392 byte 54 days old -- nscompat.tlb
    18/07/2008 13:50:44 16832 byte 54 days old -- amcompat.tlb
    19/07/2008 11:02:11 65602 byte 53 days old -- perfc00C.dat
    19/07/2008 11:02:11 54416 byte 53 days old -- perfc009.dat
    19/07/2008 11:02:11 384732 byte 53 days old -- perfh009.dat
    19/07/2008 11:02:11 964218 byte 53 days old -- PerfStringBackup.INI
    19/07/2008 11:02:11 449740 byte 53 days old -- perfh00C.dat
    13/08/2008 22:09:00 606472 byte 28 days old -- TZLog.log
    17/08/2008 10:27:52 3072 byte 24 days old -- CONFIG.NT
    26/08/2008 22:28:12 16208504 byte 15 days old -- MRT.exe
    27/08/2008 20:56:15 6704 byte 14 days old -- jupdate-1.6.0_07-b06.log
    05/09/2008 17:38:17 17212 byte 5 days old -- SIntf32.dll
    05/09/2008 17:38:17 12067 byte 5 days old -- SIntf16.dll
    05/09/2008 17:38:17 21840 byte 5 days old -- SIntfNT.dll
    07/09/2008 20:24:26 (DIR) 0 byte 3 days old -- config
    07/09/2008 20:26:41 (DIR) 0 byte 3 days old -- fr-fr
    08/09/2008 22:24:53 (DIR) 0 byte 2 days old -- dllcache
    09/09/2008 16:24:01 (DIR) 0 byte 1 days old -- drivers
    10/09/2008 03:08:45 340240 byte 0 days old -- FNTCACHE.DAT
    10/09/2008 13:57:20 1158 byte 0 days old -- wpa.dbl
    10/09/2008 13:57:26 73451 byte 0 days old -- nvapps.xml
    10/09/2008 14:21:27 (DIR) 0 byte 0 days old -- CatRoot2

    ----- recent files in C:\WINDOWS\system32\drivers\

    ----- recent files in C:\WINDOWS\temp\
    30/08/2008 01:05:56 0 byte 11 days old -- T30DebugLogFile.txt
    10/09/2008 13:57:19 255 byte 0 days old -- WGAErrLog.txt
    10/09/2008 13:57:21 409 byte 0 days old -- WGANotify.settings

    ----- recent files in C:\Program Files\
    20/07/2008 12:15:33 (DIR) 0 byte 52 days old -- Microsoft Games
    20/07/2008 23:09:47 (DIR) 0 byte 52 days old -- Deskshare
    20/07/2008 23:14:17 (DIR) 0 byte 52 days old -- MP3 Player Utilities 3.57
    20/07/2008 23:15:24 (DIR) 0 byte 52 days old -- NCH Software
    20/07/2008 23:29:31 (DIR) 0 byte 52 days old -- Xilisoft
    22/07/2008 10:27:42 (DIR) 0 byte 50 days old -- Warkeys
    22/07/2008 14:11:18 (DIR) 0 byte 50 days old -- eMule
    22/07/2008 14:11:19 (DIR) 0 byte 50 days old -- Azureus
    12/08/2008 21:45:25 (DIR) 0 byte 29 days old -- Trend Micro
    13/08/2008 22:09:54 (DIR) 0 byte 28 days old -- Messenger
    16/08/2008 18:04:54 (DIR) 0 byte 25 days old -- Avira
    24/08/2008 13:08:57 (DIR) 0 byte 17 days old -- TeaTimer (Spybot - Search & Destroy)
    24/08/2008 13:14:18 (DIR) 0 byte 17 days old -- Spybot - Search & Destroy
    24/08/2008 22:23:59 (DIR) 0 byte 17 days old -- Fichiers communs
    24/08/2008 22:24:02 (DIR) 0 byte 17 days old -- Microsoft Office
    27/08/2008 20:56:41 (DIR) 0 byte 14 days old -- Java
    30/08/2008 20:16:43 (DIR) 0 byte 11 days old -- Unlocker
    04/09/2008 16:06:48 (DIR) 0 byte 6 days old -- Messenger Plus! Live
    08/09/2008 17:54:37 (DIR) 0 byte 2 days old -- Internet Explorer
    09/09/2008 16:01:20 (DIR) 0 byte 1 days old -- Google
    09/09/2008 16:22:32 (DIR) 0 byte 1 days old -- Adobe
    09/09/2008 16:24:20 (DIR) 0 byte 1 days old -- Navilog1
    09/09/2008 16:25:15 (DIR) 0 byte 1 days old -- InstallShield Installation Information
    10/09/2008 16:37:26 (DIR) 0 byte 0 days old -- Warcraft III
    10/09/2008 17:07:47 (DIR) 0 byte 0 days old -- FlashGet
    10/09/2008 18:57:57 (DIR) 0 byte 0 days old -- PokerStars
    10/09/2008 19:31:41 (DIR) 0 byte 0 days old -- Mozilla Firefox

    ----- recent files in C:\Program Files\Fichiers communs\
    19/07/2008 21:24:21 (DIR) 0 byte 53 days old -- Blizzard Entertainment
    24/08/2008 22:17:44 (DIR) 0 byte 17 days old -- System
    24/08/2008 22:24:02 (DIR) 0 byte 17 days old -- Microsoft Shared
    30/08/2008 11:56:20 (DIR) 0 byte 11 days old -- Symantec Shared
    09/09/2008 16:22:32 (DIR) 0 byte 1 days old -- Adobe

    ----- recent files in C:\Documents and Settings\YANN\Application Data\
    19/07/2008 23:06:27 (DIR) 0 byte 53 days old -- Azureus
    20/07/2008 23:14:19 (DIR) 0 byte 52 days old -- Microsoft
    24/08/2008 13:07:33 (DIR) 0 byte 17 days old -- Lavasoft
    24/08/2008 13:09:16 (DIR) 0 byte 17 days old -- Malwarebytes
    30/08/2008 20:07:28 (DIR) 0 byte 11 days old -- FMZilla
    31/08/2008 13:06:00 (DIR) 0 byte 10 days old -- Desktopicon
    09/09/2008 16:19:47 (DIR) 0 byte 1 days old -- Adobe
    09/09/2008 16:25:09 (DIR) 0 byte 1 days old -- Panasonic
    09/09/2008 22:19:18 (DIR) 0 byte 1 days old -- U3
    10/09/2008 18:49:13 (DIR) 0 byte 0 days old -- Mozilla

    ----- recent files in C:\DOCUME~1\YANN\LOCALS~1\Temp\
    30/08/2008 01:06:39 21343 byte 11 days old -- Danish.bin
    30/08/2008 01:06:39 22809 byte 11 days old -- Japanese.bin
    30/08/2008 01:06:39 19048 byte 11 days old -- Korean.bin
    30/08/2008 01:06:40 24173 byte 11 days old -- Dutch.bin
    30/08/2008 01:06:40 16913 byte 11 days old -- TradChin.bin
    30/08/2008 01:06:41 25665 byte 11 days old -- French.bin
    30/08/2008 01:06:41 24274 byte 11 days old -- German.bin
    30/08/2008 01:06:41 25824 byte 11 days old -- Italian.bin
    30/08/2008 01:06:42 26062 byte 11 days old -- Spanish.bin
    30/08/2008 01:06:42 24638 byte 11 days old -- Russian.bin
    30/08/2008 01:06:42 22684 byte 11 days old -- SWEDISH.bin
    30/08/2008 01:06:43 24654 byte 11 days old -- Portuguese.bin
    30/08/2008 01:06:44 21857 byte 11 days old -- English.bin
    30/08/2008 01:06:45 15534 byte 11 days old -- SimChin.bin
    30/08/2008 01:06:45 19506 byte 11 days old -- Arabic.bin
    30/08/2008 01:06:46 23467 byte 11 days old -- Greek.bin
    30/08/2008 01:06:46 20733 byte 11 days old -- Thai.bin
    30/08/2008 01:06:46 22606 byte 11 days old -- Polish.bin
    30/08/2008 01:06:46 23522 byte 11 days old -- Portuguese(Brazil).bin
    30/08/2008 01:06:47 22862 byte 11 days old -- Czech.bin
    30/08/2008 01:06:47 24446 byte 11 days old -- Hungarian.bin
    30/08/2008 01:06:47 21562 byte 11 days old -- Finnish.bin
    30/08/2008 01:06:47 18436 byte 11 days old -- Hebrew.bin
    30/08/2008 01:06:48 20608 byte 11 days old -- Norwegian.bin
    30/08/2008 01:06:48 20859 byte 11 days old -- Turkish.bin
    30/08/2008 11:55:08 (DIR) 0 byte 11 days old -- plugtmp
    30/08/2008 11:55:30 186148 byte 11 days old -- Sym2D.tmp
    30/08/2008 11:56:43 14871830 byte 11 days old -- SymNRT 8-30-2008 11h55m30s.log
    30/08/2008 11:59:38 16384 byte 11 days old -- ~DFD72.tmp
    30/08/2008 20:07:46 (DIR) 0 byte 11 days old -- plugtmp-1
    30/08/2008 23:47:49 16384 byte 11 days old -- ~DF8F09.tmp
    31/08/2008 14:02:30 (DIR) 0 byte 10 days old -- plugtmp-2
    31/08/2008 15:56:41 16384 byte 10 days old -- ~DFB697.tmp
    31/08/2008 21:37:50 16384 byte 10 days old -- ~DF9183.tmp
    01/09/2008 20:52:20 (DIR) 0 byte 9 days old -- plugtmp-3
    02/09/2008 14:45:58 (DIR) 0 byte 8 days old -- plugtmp-4
    02/09/2008 20:51:26 (DIR) 0 byte 8 days old -- plugtmp-5
    02/09/2008 21:25:32 16384 byte 8 days old -- ~DFB5EC.tmp
    04/09/2008 16:03:36 16384 byte 6 days old -- ~DFBD70.tmp
    04/09/2008 18:32:37 1764044 byte 6 days old -- mps_935b.tmp
    06/09/2008 09:25:38 16384 byte 4 days old -- ~DFE975.tmp
    06/09/2008 12:24:35 (DIR) 0 byte 4 days old -- plugtmp-6
    06/09/2008 19:34:07 16384 byte 4 days old -- ~DFB32B.tmp
    07/09/2008 19:18:37 (DIR) 0 byte 3 days old -- hsperfdata_YANN
    07/09/2008 19:18:41 416 byte 3 days old -- java_install_reg.log
    07/09/2008 19:19:03 (DIR) 0 byte 3 days old -- jkos-YANN
    07/09/2008 19:31:48 (DIR) 0 byte 3 days old -- KAV Updater update files
    08/09/2008 17:57:06 0 byte 2 days old -- gtb7.tmp
    08/09/2008 21:51:19 216 byte 2 days old -- ACB4.tmp
    08/09/2008 21:51:21 216 byte 2 days old -- ACB5.tmp
    08/09/2008 21:59:33 216 byte 2 days old -- ACB6.tmp
    08/09/2008 22:00:04 216 byte 2 days old -- ACB7.tmp
    08/09/2008 22:00:25 954 byte 2 days old -- ACBB.tmp
    08/09/2008 22:00:30 224 byte 2 days old -- ACBC.tmp
    08/09/2008 22:01:32 470 byte 2 days old -- ACC0.tmp
    08/09/2008 22:01:44 216 byte 2 days old -- ACC1.tmp
    09/09/2008 16:24:00 311296 byte 1 days old -- ~DFBC0A.tmp
    09/09/2008 16:25:19 (DIR) 0 byte 1 days old -- {DB5EB805-6A9A-479B-A937-87745918A558}
    09/09/2008 19:40:15 1968 byte 1 days old -- AC86.tmp
    09/09/2008 21:05:52 1764044 byte 1 days old -- mps_d04e.tmp
    09/09/2008 21:09:31 (DIR) 0 byte 1 days old -- Google Toolbar
    09/09/2008 21:13:22 39363 byte 1 days old -- U3Launcher.log
    09/09/2008 21:48:09 1452 byte 1 days old -- wmplog00.sqm
    09/09/2008 22:02:25 426 byte 1 days old -- IMTB7.xml
    09/09/2008 22:02:25 805416 byte 1 days old -- IMTB8.xml
    09/09/2008 22:02:25 2026 byte 1 days old -- IMTB6.xml
    10/09/2008 13:57:29 (DIR) 0 byte 0 days old -- WPDNSE
    10/09/2008 13:58:28 26252 byte 0 days old -- LVCOMSX.LOG
    10/09/2008 14:02:25 3811 byte 0 days old -- jusched.log
    10/09/2008 14:03:17 (DIR) 0 byte 0 days old -- ~nsu.tmp
    10/09/2008 18:37:26 512 byte 0 days old -- ~DF24B4.tmp
    10/09/2008 18:37:26 737280 byte 0 days old -- ~DF24A2.tmp
    10/09/2008 18:37:41 753664 byte 0 days old -- ~DF5C8C.tmp
    10/09/2008 18:37:41 512 byte 0 days old -- ~DF5C9E.tmp
    10/09/2008 18:42:48 (DIR) 0 byte 0 days old -- MessengerCache
    10/09/2008 19:31:05 (DIR) 0 byte 0 days old -- nsiC8.tmp
    10/09/2008 19:31:05 16384 byte 0 days old -- ~DFE71B.tmp
    10/09/2008 19:31:50 16384 byte 0 days old -- ~DF3D24.tmp
    10/09/2008 19:31:58 20500 byte 0 days old -- etilqs_11dj3QapLPckx4a5UKe9
    10/09/2008 19:35:55 (DIR) 0 byte 0 days old -- nsmCC.tmp
    10/09/2008 19:36:12 (DIR) 0 byte 0 days old -- nsbD2.tmp
    10/09/2008 19:36:12 16384 byte 0 days old -- ~DFE1F7.tmp
    10/09/2008 19:36:12 50 byte 0 days old -- systemscan.ini

    ===================== HIDDEN OBJECTS =====================


    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:2df9c43f
    "s2"=dword:110480d0
    "h0"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools Lite\"
    "h0"=dword:00000000
    "khjeh"=hex:D f,35,de,96,11,83,e0,a7,12,57,20,73,4a,45,3a,ec,4d,9e,83,b4,ba,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,5b,c5,5a,c2,d1,25,a5,b5,1f,c3,be,92,3d,31,0c,53,4d,..
    "khjeh"=hex:18,46,f7,55,e9,0e,ff,b7,3b,04,11,8e,1b,ae,af,b8,4b,88,91,84,76,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:6b,1a,bd,ee,09,9f,f7,29,1a,26,da,67,79,38,28,35,c0,37,84,dd,3f,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools Lite\"
    "h0"=dword:00000000
    "khjeh"=hex:D f,35,de,96,11,83,e0,a7,12,57,20,73,4a,45,3a,ec,4d,9e,83,b4,ba,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,5b,c5,5a,c2,d1,25,a5,b5,1f,c3,be,92,3d,31,0c,53,4d,..
    "khjeh"=hex:18,46,f7,55,e9,0e,ff,b7,3b,04,11,8e,1b,ae,af,b8,4b,88,91,84,76,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:6b,1a,bd,ee,09,9f,f7,29,1a,26,da,67,79,38,28,35,c0,37,84,dd,3f,..

    scanning hidden registry entries ...

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\xd8\x2022\x20ac|\xff\xff\xff\xff\22\x2022\x20ac|\xf9\x20229~\2]
    "C040110900063D11C8EF10054038389C"="C?\WINDOWS\system32\FM20ENU.DLL"

    scanning hidden files ...


    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 40


    ===================== RUSTOCK ROOTKIT DETECTION =====================


    #### NOTHING FOUND ####

    ==========================================
    Scan completed in 2,8 minutes
    End of report


    ~~~~~~~~~~~~~~~~~~~~~-----CREDITS-----~~~~~~~~~~~~~~~~~~~~~
    SystemScan uses some freeware tools that remain property of their authors:

    * SteelWerX Registry Console Tool, Who Am I (Bobby Flekman: www.xs4all.nl/~fstaal01) --> "Registry scan", "PC accounts "
    * dumphive (Markus Stephany)--> "Registry scan"
    * Listdlls (M.Russinovich, B.Cogswell: www.sysinternals.com) --> "Loaded modules"
    * Catchme & MBR Rootkit detector (gmer: www.gmer.net) --> "Hidden objects", "Alternate Data Streams" & "Master Boot Record"
    ---> NOTE: SystemScan integrates "The Avenger" from Swandog46 (http://swandog46.geekstogo.com) to allow you to remove malwares found in this log

    Thanks to all of them for their hard work

    11 September 2008 21:40:46

    Hi again

    Download ATF Cleaner
    http://www.atribune.org/public-beta/ATF-Cleaner.exe

    Double-click ATF-Cleaner.exe to launch the program.
    - If you use IE:
    Under the Main tab, choose: Select All
    Click the Empty Selected button
    - If you use the Firefox browser:
    Click Firefox at the top and choose: Select All
    Click the Empty Selected button
    Note: If you want to keep your saved passwords, click "No" at the prompt.
    - If you use the Opera browser:
    Click Opera at the top and choose: Select All
    Click the Empty Selected button
    Note: If you want to keep your saved passwords, click "No" at the prompt.
    Click Exit, in the main menu, to close the program

    ++++++++++

    Download Gmer.
    Unzip it into a folder or onto your desktop.

    Disconnect from the Internet, then close all programs.
    Double-click Gmer.exe.

    IMPORTANT: If an alert from your antivirus appears for the file gmer.sys or gmer.exe, let it run.

    Click the Rootkit tab.
    On the right, check everything.
    Now click Scan.

    When the scan is finished, click Copy.

    Open Notepad, then click the Edit menu / Paste.
    The report should then appear.
    Save the file to your desktop and copy/paste its contents here.


    12 September 2008 21:55:32

    GMER 1.0.14.14536 - http://www.gmer.net
    Rootkit scan 2008-09-12 21:54:31
    Windows 5.1.2600 Service Pack 2


    ---- System - GMER 1.0.14 ----

    SSDT spoq.sys ZwCreateKey [0xF72870E0]
    SSDT F7B68284 ZwCreateThread
    SSDT spoq.sys ZwEnumerateKey [0xF72A5CA2]
    SSDT spoq.sys ZwEnumerateValueKey [0xF72A6030]
    SSDT spoq.sys ZwOpenKey [0xF72870C0]
    SSDT F7B68270 ZwOpenProcess
    SSDT F7B68275 ZwOpenThread
    SSDT spoq.sys ZwQueryKey [0xF72A6108]
    SSDT spoq.sys ZwQueryValueKey [0xF72A5F88]
    SSDT spoq.sys ZwSetValueKey [0xF72A619A]
    SSDT F7B6827F ZwTerminateProcess
    SSDT F7B6827A ZwWriteVirtualMemory

    INT 0x62 ? 835EDBF8
    INT 0x63 ? 8341ABF8
    INT 0x73 ? 835EDBF8
    INT 0xB4 ? 8341ABF8

    ---- Kernel code sections - GMER 1.0.14 ----

    ? spoq.sys Le fichier spécifié est introuvable. !
    .text USBPORT.SYS!DllUnload F6F9762C 5 Bytes JMP 8341A1D8
    .text a4ngzzso.SYS F6AC1384 1 Byte [ 20 ]
    .text a4ngzzso.SYS F6AC1386 35 Bytes [ 00, 68, 00, 00, 00, 00, 00, ... ]
    .text a4ngzzso.SYS F6AC13AA 24 Bytes [ 00, 00, 20, 00, 00, E0, 00, ... ]
    .text a4ngzzso.SYS F6AC13C4 3 Bytes [ 00, 00, 00 ]
    .text a4ngzzso.SYS F6AC13C9 1 Byte [ 00 ]
    .text ...

    ---- Kernel IAT/EAT - GMER 1.0.14 ----

    IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7288040] spoq.sys
    IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F728813C] spoq.sys
    IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F72880BE] spoq.sys
    IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F72887FC] spoq.sys
    IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F72886D2] spoq.sys
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[HAL.dll!KfAcquireSpinLock] 0A64D90F
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[HAL.dll!READ_PORT_UCHAR] 046FD406
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[HAL.dll!KeGetCurrentIrql] 1672C31D
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[HAL.dll!KfRaiseIrql] 1879CE14
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[HAL.dll!KfLowerIrql] 3248ED2B
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[HAL.dll!HalGetInterruptVector] 3C43E022
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[HAL.dll!HalTranslateBusAddress] 2E5EF739
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[HAL.dll!KeStallExecutionProcessor] 2055FA30
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[HAL.dll!KfReleaseSpinLock] EC01B79A
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] E20ABA93
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[HAL.dll!READ_PORT_USHORT] F017AD88
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] FE1CA081
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[HAL.dll!WRITE_PORT_UCHAR] D42D83BE
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[WMILIB.SYS!WmiSystemControl] C83B99AC
    IAT \SystemRoot\System32\Drivers\a4ngzzso.SYS[WMILIB.SYS!WmiCompleteRequest] C63094A5
    IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7298048] spoq.sys

    ---- User IAT/EAT - GMER 1.0.14 ----

    IAT C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe[272] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01142DF0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe[272] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01142C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe[272] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [01142C10] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe[272] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01142C60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\ehome\ehtray.exe[612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\ehome\ehtray.exe[612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\ehome\ehtray.exe[612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\ehome\ehtray.exe[612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\system32\SysMonitor.exe[1364] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\system32\SysMonitor.exe[1364] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\system32\SysMonitor.exe[1364] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\system32\SysMonitor.exe[1364] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1596] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00BD2DF0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1596] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00BD2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1596] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00BD2C10] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1596] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00BD2C60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\eHome\ehmsas.exe[2228] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\eHome\ehmsas.exe[2228] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\eHome\ehmsas.exe[2228] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\eHome\ehmsas.exe[2228] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\Explorer.EXE[2240] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\Explorer.EXE[2240] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\Explorer.EXE[2240] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\Explorer.EXE[2240] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Messenger\msmsgs.exe[2316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Messenger\msmsgs.exe[2316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Messenger\msmsgs.exe[2316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Messenger\msmsgs.exe[2316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe[2656] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe[2656] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe[2656] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Fichiers communs\Real\Update_OB\rnathchk.exe[2656] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\DAEMON Tools Lite\daemon.exe[2760] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\DAEMON Tools Lite\daemon.exe[2760] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\DAEMON Tools Lite\daemon.exe[2760] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\DAEMON Tools Lite\daemon.exe[2760] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\system32\ctfmon.exe[2864] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\system32\ctfmon.exe[2864] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\system32\ctfmon.exe[2864] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\system32\ctfmon.exe[2864] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe[2916] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [10002DF0] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe[2916] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [10002C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe[2916] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [10002C10] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    IAT C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe[2916] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [10002C60] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
    ---- Devices - GMER 1.0.14 ----

    Device \FileSystem\Ntfs \Ntfs 835EB1F8

    AttachedDevice \FileSystem\Ntfs \Ntfs psdfilter.sys (PSD Filter Driver/HiTRUST)

    Device \FileSystem\Fastfat \FatCdrom 82C271F8
    Device \Driver\USBSTOR \Device\0000008e 831AD500
    Device \Driver\usbohci \Device\USBPDO-0 834191F8
    Device \Driver\dmio \Device\DmControl\DmIoDaemon 8365E1F8
    Device \Driver\dmio \Device\DmControl\DmConfig 8365E1F8
    Device \Driver\dmio \Device\DmControl\DmPnP 8365E1F8
    Device \Driver\dmio \Device\DmControl\DmInfo 8365E1F8
    Device \Driver\usbehci \Device\USBPDO-1 834181F8
    Device \Driver\NetBT \Device\NetBT_Tcpip_{3CA6E947-61A5-4C2D-BEFD-93A01EBA1C7F} 8317E500
    Device \Driver\Ftdisk \Device\HarddiskVolume1 835EE1F8
    Device \Driver\sptd \Device\1213992398 spoq.sys
    Device \Driver\Ftdisk \Device\HarddiskVolume2 835EE1F8
    Device \Driver\Cdrom \Device\CdRom0 833DA1F8
    Device \Driver\Ftdisk \Device\HarddiskVolume3 835EE1F8
    Device \Driver\Cdrom \Device\CdRom1 833DA1F8
    Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 835ED1F8
    Device \Driver\atapi \Device\Ide\IdePort0 835ED1F8
    Device \Driver\atapi \Device\Ide\IdePort1 835ED1F8
    Device \Driver\atapi \Device\Ide\IdePort2 835ED1F8
    Device \Driver\atapi \Device\Ide\IdePort3 835ED1F8
    Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-e 835ED1F8
    Device \Driver\Ftdisk \Device\HarddiskVolume4 835EE1F8
    Device \Driver\NetBT \Device\NetBt_Wins_Export 8317E500
    Device \Driver\NetBT \Device\NetbiosSmb 8317E500
    Device \Driver\PCI_PNP8648 \Device\0000005c spoq.sys
    Device \Driver\USBSTOR \Device\00000089 831AD500
    Device \Driver\NetBT \Device\NetBT_Tcpip_{4AC48A29-33BA-4BA2-820C-247A0D090CA4} 8317E500
    Device \Driver\usbohci \Device\USBFDO-0 834191F8
    Device \Driver\usbehci \Device\USBFDO-1 834181F8
    Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8341D1F8
    Device \FileSystem\MRxSmb \Device\LanmanRedirector 8341D1F8
    Device \Driver\Ftdisk \Device\FtControl 835EE1F8
    Device \Driver\USBSTOR \Device\0000008b 831AD500
    Device \Driver\USBSTOR \Device\0000008c 831AD500
    Device \Driver\a4ngzzso \Device\Scsi\a4ngzzso1 8338F500
    Device \Driver\a4ngzzso \Device\Scsi\a4ngzzso1Port5Path0Target0Lun0 8338F500
    Device \Driver\imagedrv \Device\Scsi\imagedrv1 835EC1F8
    Device \Driver\USBSTOR \Device\0000008d 831AD500
    Device \FileSystem\Fastfat \Fat 82C271F8

    AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \FileSystem\Fastfat \Fat psdfilter.sys (PSD Filter Driver/HiTRUST)

    Device \FileSystem\Cdfs \Cdfs 82CFD1F8

    ---- Registry - GMER 1.0.14 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xDF 0x35 0xDE 0x96 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x18 0x46 0xF7 0x55 ...
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
    Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x6B 0x1A 0xBD 0xEE ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xDF 0x35 0xDE 0x96 ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x18 0x46 0xF7 0x55 ...
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
    Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x6B 0x1A 0xBD 0xEE ...
    Reg HKLM\SOFTWARE\Classes\Software\RealNetworks\Update\6.0\Preferences\ATH\LastCheck@ DEBBCA48

    ---- EOF - GMER 1.0.14 ----
    12 September 2008 22:53:55

    Hi again

    Go to this link: Virus Total
  • Click Browse (Parcourir)
  • Navigate to this file, if you can find it:

    C:\WINDOWS\System32\Drivers\a4ngzzso.SYS

  • Click Send file (Envoyer le fichier) and let it work for as long as "Current status: analysis in progress" is displayed.
  • The file may be placed in a queue because of a large number of analysis requests. In that case, you will need to wait without refreshing the page.
  • When the analysis is finished ("Current status: finished"), click Formatted (Formaté)
  • A new browser window will appear
  • Then click this image:
  • Right-click on the page, choose Select All, then Copy
  • Finally, paste the result into your next reply.
    Note: Whatever the result, it is important to send me the result of the whole analysis.
    Your security tools may react when the file is sent; in that case you will need to ignore the alerts.
    13 September 2008 12:46:50

    It doesn't find the file.....
    14 September 2008 14:34:37

    Hi again

    Download IceSword by pjf_ from this link http://mail2.ustc.edu.cn/~jfpan/download/IceSword120_en.zip


  • Unzip it to your desktop.
  • Open the folder that has just been created
  • Double-click IceSword
  • In the left-hand column, click File
  • Click the cross next to Local Disk ( C: )
  • Click the cross next to Windows
  • Click the system32 folder
  • Click the driver folder
  • Look for the following file: a4ngzzso.SYS
  • Once you have found it, right-click it and choose Copy to...
  • Name it "Malware.sys" and save it to your desktop.
  • Close IceSword


    Afterwards, scan the file that is on your desktop at Virus Total and post the report
    14 September 2008 20:46:19

    But it's not there ... :( .
    14 September 2008 20:54:37

    Hi again

    Quote:
    To display hidden system files and folders:
    Control Panel / Folder Options / View tab / check Show hidden files and folders, uncheck Hide extensions for known file types, uncheck Hide protected operating system files.

    Hidden system files and folders then appear semi-transparent in Windows Explorer.

    14 September 2008 21:06:21

    Still nothing.