Undeletable virus small-gwm

borndead -  
Hi, I'm having trouble with small-gwm on my computer. Here are some reports; can anyone help me?

Windows Registry Editor Version 5.00


[HKEY_CLASSES_ROOT\.DMP]


[HKEY_CLASSES_ROOT\.MST]


[HKEY_CLASSES_ROOT\.TMP]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cha]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cha\OpenWithList]
"a"="stbce.exe"
"MRUList"="a"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sat]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sat\OpenWithList]
"a"="stbce.exe"
"MRUList"="a"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TSK]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TSK\OpenWithList]
"a"="NOTEPAD.EXE"
"MRUList"="a"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\bmp]
"Application"="NeroPhotoSnapViewer.Files7.bmp"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\cut]
"Application"="NeroPhotoSnapViewer.Files7.cut"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\dds]
"Application"="NeroPhotoSnapViewer.Files7.dds"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\dib]
"Application"="NeroPhotoSnapViewer.Files7.dib"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\gif]
"Application"="NeroPhotoSnapViewer.Files7.gif"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\ico]
"Application"="NeroPhotoSnapViewer.Files7.ico"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\iff]
"Application"="NeroPhotoSnapViewer.Files7.iff"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\jfif]
"Application"="NeroPhotoSnapViewer.Files7.jfif"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\jif]
"Application"="NeroPhotoSnapViewer.Files7.jif"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\jng]
"Application"="NeroPhotoSnapViewer.Files7.jng"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\jpe]
"Application"="NeroPhotoSnapViewer.Files7.jpe"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\jpeg]
"Application"="NeroPhotoSnapViewer.Files7.jpeg"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\jpg]
"Application"="NeroPhotoSnapViewer.Files7.jpg"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\koa]
"Application"="NeroPhotoSnapViewer.Files7.koa"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\lbm]
"Application"="NeroPhotoSnapViewer.Files7.lbm"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\ljp]
"Application"="NeroPhotoSnapViewer.Files7.ljp"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\mng]
"Application"="NeroPhotoSnapViewer.Files7.mng"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\pbm]
"Application"="NeroPhotoSnapViewer.Files7.pbm"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\pcd]
"Application"="NeroPhotoSnapViewer.Files7.pcd"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\pcx]
"Application"="NeroPhotoSnapViewer.Files7.pcx"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\png]
"Application"="NeroPhotoSnapViewer.Files7.png"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\ppm]
"Application"="NeroPhotoSnapViewer.Files7.ppm"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\psd]
"Application"="NeroPhotoSnapViewer.Files7.psd"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\tga]
"Application"="NeroPhotoSnapViewer.Files7.tga"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\tif]
"Application"="NeroPhotoSnapViewer.Files7.tif"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\tiff]
"Application"="NeroPhotoSnapViewer.Files7.tiff"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\wbm]
"Application"="NeroPhotoSnapViewer.Files7.wbm"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\wbmp]
"Application"="NeroPhotoSnapViewer.Files7.wbmp"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\wmf]
"Application"="NeroPhotoSnapViewer.Files7.wmf"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\wpg]
"Application"="NeroPhotoSnapViewer.Files7.wpg"


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\xbm]
"Application"="NeroPhotoSnapViewer.Files7.xbm"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\NewTech Infosystems\\NTI CD & DVD-Maker 7\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\NewTech Infosystems\\NTI CD & DVD-Maker 7\\FileCD\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\NewTech Infosystems\\NTI Backup NOW! 4\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\Borndead\\Application Data\\Macromedia\\Flash Player\\macromedia.com\\support\\flashplayer\\sys\\#local\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\Borndead\\Application Data\\Macromedia\\Flash Player\\macromedia.com\\support\\flashplayer\\sys\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\Borndead\\Application Data\\Macromedia\\Flash Player\\macromedia.com\\support\\flashplayer\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\Borndead\\Application Data\\Macromedia\\Flash Player\\macromedia.com\\support\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\Borndead\\Application Data\\Macromedia\\Flash Player\\macromedia.com\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Acer\\Empowering Technology\\eLock\\Resources.Notebook\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Acer\\Empowering Technology\\eLock\\Resources.Desktop\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Acer\\Empowering Technology\\ePerformance\\Resources.Notebook\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Acer\\Empowering Technology\\ePerformance\\Resources.Desktop\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Acer\\Empowering Technology\\eSettings\\Applications\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Lavasoft\\Ad-Aware 2007\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Lavasoft\\"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\TuneUp Utilities 2007\\Utilities\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\TuneUp Utilities 2007\\"="1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{0496D9E8-224B-4AFA-8F37-23B98D52F1EB}]
"Changed"=dword:00000000


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{AC76BA86-7AD7-1033-7B44-A70000000000}]
"Changed"=dword:00000000


[HKEY_CURRENT_USER\Software\SightSpeed Inc]


[HKEY_LOCAL_MACHINE\Software\lameme]


[HKEY_LOCAL_MACHINE\Software\NewTech Infosystems]


[HKEY_LOCAL_MACHINE\Software\SightSpeed Inc]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
@=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Lavasoft]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Lavasoft\Ad-Aware 2007]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Lavasoft\Ad-Aware 2007]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\TuneUp Utilities 2007]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\\Documents and Settings\\Borndead\\Local Settings\\Temporary Internet Files\\Content.IE5\\NUS4IARK\\ccsetup140[1].exe"="CCleaner Installer"


Logfile of HijackThis v1.99.1
Scan saved at 23:01:49, on 2007-07-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Acer\Empowering Technology\admServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\M-Audio\Install\EvoInst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ElkCtrl.exe
C:\Acer\Empowering Technology\admtray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\lExplore.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\NOTEPAD.EXE
D:\programme\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [lnternet Update] lExplore.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [lnternet Update] lExplore.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: lExplorehelp.exe
O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: M-Audio Installer (EvoInstallerService) - Unknown owner - C:\Program Files\M-Audio\Install\EvoInst.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Fichiers communs\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
2 replies

DeNisCoOl
 
Hello,

Try these free online scan links; some of them can sometimes remove what Avast can't.
F-Secure
http://support.f-secure.com/enu/home/ols.shtml

Trend Micro
https://www.trendmicro.com/fr_fr/business.html

Panda Security (formerly Panda Software):
https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan

I see that you use Avast and AVG, and for your information, I don't really share the site's idea of openly recommending Avast and AVG as free antivirus; I'd add a big caveat to that.
It lets through between 3 and 5% of known viruses and many unknown viruses.
Avira is much better, with less than 1.5% and 84% detection of unknown viruses versus less than 10% for Avast.
It has one small flaw: it sometimes triggers for nothing, but rarely. I used it for 3 months and it served me perfectly well before I bought Kaspersky AV again.
If something is detected, take the file and send it to the virustotal.com site, and in 2 minutes you'll know.

I hope this helps.

Denis

borndead
 
Thanks Denis, I'll try what you suggested.

DeNisCoOl
 
Hi borndead,

Still there? Did the scans work?
Any results on your small-gwm Trojan horse?
As for your HijackThis log, I'm not a specialist, but I took the time to look at everything except the registry entries at the top of your report, and I didn't see anything suspicious, just several unnecessary services at startup:
Logitech, Adobe, Roxio and Nero.
You can fix them, I think, unless you use them very often.
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\Media Experience\DMXLauncher.exe"

bye bye

Denis