PC infecté par un ver

Merci pour tes conseils,

Voici le rapport qui est apparu mais comme je 'y connaît rien, peux-tu me dire s'il y a quelque chose d'inquiétant ?

Deckard's System Scanner v20071014.68
Run by acer1640 on 2008-07-20 15:03:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
56: 2008-07-20 13:03:34 UTC - RP413 - Deckard's System Scanner Restore Point
55: 2008-07-20 12:08:22 UTC - RP412 - Point de vérification système
54: 2008-07-16 09:46:37 UTC - RP411 - Installé Livebox
53: 2008-07-16 09:34:48 UTC - RP410 - Last known good configuration
52: 2008-07-16 09:34:43 UTC - RP409 - Supprimé Livebox


-- First Restore Point --
1: 2008-07-16 09:34:35 UTC - RP358 - Point de vérification système


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as acer1640.exe) --------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:04:42, on 20/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Antivirus 2009\av2009.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\acer1640\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\acer1640.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?rls=ig&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: {c2f05fde-d2e1-1908-cf84-db04c0b2c921} - {129c2b0c-40bd-48fc-8091-1e2dedf50f2c} - C:\WINDOWS\system32\bmxlar.dll
O2 - BHO: (no name) - {4F06B779-D0FD-4580-8C9B-6EAEB70F10AE} - C:\WINDOWS\system32\wvUoNfCU.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {914F7E0E-53B7-4A38-93C8-82A6E03E27CD} - C:\WINDOWS\system32\opnoOHbC.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BM313e2b3d] Rundll32.exe "C:\WINDOWS\system32\ftsawovr.dll",s
O4 - HKLM\..\Run: [320d18a1] rundll32.exe "C:\WINDOWS\system32\tvjhakxu.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [eMuleAutoStart] C:\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [76442016358107028277210527140075] C:\Program Files\Antivirus 2009\av2009.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - https://tiragesphoto.fnac.com/
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.photoservice.com/telechargement/ImageUploader4.cab
O20 - Winlogon Notify: wvUoNfCU - wvUoNfCU.dll (file missing)
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\ALO SOFT\ALO CD BURNER\NMSAccessU.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

Voilà très certainement un rappor complémentaire :

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Édition familiale (build 2600) SP 2.0
Architecture: X86; Language: French

CPU 0: Intel(R) Pentium(R) M processor 1.70GHz
Percentage of Memory in Use: 58%
Physical Memory (total/avail): 1014.05 MiB / 417.05 MiB
Pagefile Memory (total/avail): 2440.1 MiB / 1816.11 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1927.27 MiB

C: is Fixed (FAT32) - 35.55 GiB total, 16.3 GiB free.
D: is Fixed (FAT32) - 36.03 GiB total, 24.58 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - WDC WD800UE-22HCT0 - 74.53 GiB - 3 partitions
\PARTITION0 - Unknown - 2.93 GiB
\PARTITION1 (bootable) - Unknown - 35.56 GiB - C:
\PARTITION2 - Unknown - 36.04 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.

AV: avast! antivirus 4.8.1227 [VPS 080720-0] v4.8.1227 (ALWIL Software)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe"="C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"="C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\eMule\\emule.exe"="C:\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Nero\\Nero8\\Nero Home\\NeroHome.exe"="C:\\Program Files\\Nero\\Nero8\\Nero Home\\NeroHome.exe:*:Enabled:Nero Home"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe"="C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"="C:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe:*:enabled:CSS"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\acer1640\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=ACER-29569F1E48
ComSpec=C:\WINDOWS\system32\cmd.exe
DEFAULT_CA_NR=CA8
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\acer1640
LOGONSERVER=\\ACER-29569F1E48
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Intel\Wireless\Bin\;C:\Program Files\Fichiers communs\Teleca Shared;;C:\PROGRA~1\FICHIE~1\MUVEET~1\030625
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d08
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\acer1640\LOCALS~1\Temp
TMP=C:\DOCUME~1\acer1640\LOCALS~1\Temp
USERDOMAIN=ACER-29569F1E48
USERNAME=acer1640
USERPROFILE=C:\Documents and Settings\acer1640
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

acer1640 [I](admin)/I


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu"
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13E613EF-BB55-11D9-9D77-000129760D75}\setup.exe" -uninstall
--> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC4F90EC-B1DA-11D9-9D77-000129760D75}\setup.exe" -uninstall
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acer Arcade --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall
Acer eManager for Notebook --> C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{827289F5-B44F-4E49-9993-840741585A62}
Acer eNetManagement --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\Setup.exe" -l0x40c
Acer ePowerManagement --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x40c
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe® Photoshop® Album Edition Découverte 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
Apple Software Update --> MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
Ask Toolbar --> rundll32 C:\PROGRA~1\AskTBar\bar\1.bin\AskTBar.dll,O
Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BrowsingTool --> C:\Program Files\BrowsingTool\uninstall.exe
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Codeur Windows Media Série 9 --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9 --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Correctif pour Lecteur Windows Media 11 (KB939683) --> "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB935448) --> "C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Correctif Windows XP - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472 --> C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859 --> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Disc2Phone --> MsiExec.exe /X{1C75E8E0-29D5-4298-AE16-B8604FD9DDE4}
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
eMule --> "C:\eMule\Uninstall.exe"
FBrowsingAdvisor --> "C:\Program Files\FBrowsingAdvisor\unins000.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HDAUDIO Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_1025008F\HXFSETUP.EXE -U -IAcr008FK.inf
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential --> MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart, Officejet and Deskjet 7.0.A --> C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Intel(R) Graphics Media Accelerator Driver for Mobile --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LimeWire 4.16.6 --> "C:\Program Files\LimeWire\uninstall.exe"
livebox --> C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
mCore --> MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2000 Professional --> MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 SR-1 Disque 2 --> MsiExec.exe /I{0004040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 SR-1 Small Business --> MsiExec.exe /I{0003040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office PowerPoint Viewer 2007 (French) --> MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Lecteur Windows Media (KB911564) --> "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) --> "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911567) --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918899) --> "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920214) --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922760) --> "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749) --> "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376) --> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748) --> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB914882) --> "C:\WINDOWS\$NtUninstallKB914882$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB932823-v3) --> "C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
Navigateur Orange --> C:\Program Files\Orange\Uninstall\Browser\Shell.exe MainUninstall.shl
NavigationEnhancer --> C:\Program Files\NavigationEnhancer\uninstall.exe
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton AntiVirus 2005 (Symantec Corporation) --> C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{C6F5B6CF-609C-428E-876F-CA83176C021B}.exe /X
NSIS Media Extension --> C:\Program Files\Fichiers communs\NSIS\uninst.exe
OCR Software by I.R.I.S 7.0 --> C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OpenOffice.org Installer 1.0 --> MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Orange - Logiciels Internet --> C:\Program Files\Orange\installation\core\Installgui.exe -u
PlayMP3z --> C:\Program Files\PlayMP3z\uninstall.exe
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type2429 / Error
Event Submitted/Written: 07/20/2008 00:47:39 PM
Event ID/Source: 4609 / EventSystem
Event Description:
Le système d'événements de COM+ a détecté un code de renvoi erroné lors de son traitement interne. Le HRESULT est 8001010D à partir de la ligne 44 de d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services du Support Technique Microsoft pour signaler cette erreur.

Event Record #/Type2420 / Error
Event Submitted/Written: 07/20/2008 11:57:29 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Application bloquée iexplore.exe, version 7.0.6000.16674, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Event Record #/Type2415 / Error
Event Submitted/Written: 07/18/2008 09:05:59 AM
Event ID/Source: 4609 / EventSystem
Event Description:
Le système d'événements de COM+ a détecté un code de renvoi erroné lors de son traitement interne. Le HRESULT est 8001010D à partir de la ligne 44 de d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services du Support Technique Microsoft pour signaler cette erreur.

Event Record #/Type2398 / Error
Event Submitted/Written: 07/16/2008 11:42:37 AM
Event ID/Source: 1000 / Application Error
Event Description:
Application défaillante launcher.exe, version 1.0.128.739, module défaillant pluginlnhpromptmanager2.dll, version 1.0.53.739, adresse de défaillance 0x0000bd5f.
Traitement de l'événement propre au support pour [launcher.exe!ws!]

Event Record #/Type2397 / Error
Event Submitted/Written: 07/16/2008 11:42:09 AM
Event ID/Source: 1000 / Application Error
Event Description:
Application défaillante launcher.exe, version 1.0.128.739, module défaillant pluginlnhpromptmanager2.dll, version 1.0.53.739, adresse de défaillance 0x0000bd5f.
Traitement de l'événement propre au support pour [launcher.exe!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

No Errors/Warnings found.


-- End of Deckard's System Scanner: finished at 2008-07-20 15:06:04 ------------

Je ne voulais pas créer d'animosité entre vous, tous vos conseils sont précieux et à priori j'ai besoin de votre aide car mon PC n'est pas en bon état.

Ok,
Voilà, le rapport dont tu n'as demandé. Bon courage pour la lecture et encore merci de prendre du temps un dimanche PM :


ComboFix 08-07-19.1 - acer1640 2008-07-20 16:11:27.1 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.534 [GMT 2:00]
Endroit: C:\Documents and Settings\acer1640\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\acer1640\Application Data\Zango
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\1.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\1054344.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\1055978.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\1057642.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\1383356.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\1383771.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\1384147.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\1386004.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\1390720.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\1395297.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\1410255.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\2233591.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\2386467.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\2889382.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\3251993.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\3786291.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\3893245.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\3893714.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\3893730.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\7912.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\792895.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\805478.sdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\domains.txt
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000023840
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000024388
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000026569
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000027037
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000027621
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000028825
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000032954
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000032977
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000044868
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000051643
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052008
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052118
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052645
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052678
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000052938
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000053342
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000053523
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000053560
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000057934
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\1000064073
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\118874
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\13031
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\13546
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\16204
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\19475
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\20517
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\20570
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\22254
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\22272
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\27419
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\27503
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\29115
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\31537
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\32242
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\33695
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\33912
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\34123
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\34186
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\372500
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\376270
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\39232
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\398397
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\41999
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\427075
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44228
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44320
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\44878
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\451453
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\4546
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\463818
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\51495
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\52335
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\526389
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\531510
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\53310
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\546899
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\56815
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\56829
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\572023
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\576702
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\578150
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\57973
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\5828
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\583749
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\59344
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\600613
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\602763
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\61779
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\6280
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\639057
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\64646
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\650283
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\652325
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\6546
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\6612
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\66345
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\685568
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\696893
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\703600
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705063
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705169
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705194
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705206
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705211
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705238
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705243
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705280
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\705294
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\70611
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\708497
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\712427
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\737874
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\73804
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\753017
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\753276
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\77567
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\78920
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\82292
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\85381
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\86379
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\87385
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\89865
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\94407
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\95645
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\97499
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\TooltipXML\99739
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\dynamic\ustat\363b.dat
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\btntrans.idx
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\btntrans1.dat
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\buttondir.txt
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\components.cdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\cursors.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_1000.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_2000.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_3000.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_bar.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_bbar1.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_logos.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\d_icons_buttons_other.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\d_icons_weather.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\default.cdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_511745-514279.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-ca.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_bidzC_ZT_IE-us.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_categorize.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_comparison.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_explorer-Mails.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_explorer-people.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_favorites.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_Games.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_Hide.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_hotbarcom.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_Hotmail.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_hsskin.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_jemster.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_jemsterie.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_jemsteruk.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_jobsearch.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_Mails.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_MobileSidewalk.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_new.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_premium.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_reun.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_ringtones.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_SearchBoxTrapper.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_searchfor.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_searchgo.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_weather.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Default_yellowpages.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\email-def-511724-548964.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\email-def-511724-9595.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\email-t1-bg.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\icons2.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\ie_games_icon.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\ie_video.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\keywords.idx
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\keywords1.dat
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\layout.cdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\linkpathlegal.txt
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\progress.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\s_icons_buttons.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\sales_buttons.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\t2_bg.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\theweb.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\top7.cdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\Top7_theweb.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\tsd_bg.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\zango_btn.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\1\zango_ie_menu.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\btntrans.idx
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\btntrans1.dat
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\buttondir.txt
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\components.cdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\cursors.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_1000.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_2000.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_3000.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bar.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bbar1.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_logos.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_other.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\d_icons_weather.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\default.cdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_511745-514279.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-ca.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-us.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_categorize.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_comparison.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-Mails.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-people.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_favorites.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_Games.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_Hide.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_hotbarcom.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_Hotmail.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_hsskin.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_jemster.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_jemsterie.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_jemsteruk.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_jobsearch.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_Mails.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_MobileSidewalk.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_new.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_premium.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_reun.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_ringtones.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_SearchBoxTrapper.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_searchfor.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_searchgo.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_weather.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Default_yellowpages.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-548964.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-9595.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\email-t1-bg.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\icons2.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\ie_games_icon.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\ie_video.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\keywords.idx
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\keywords1.dat
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\layout.cdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\linkpathlegal.txt
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\progress.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\s_icons_buttons.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\sales_buttons.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\t2_bg.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\theweb.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\top7.cdf
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\Top7_theweb.mnu
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\tsd_bg.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\zango_btn.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\2\zango_ie_menu.res
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans1.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\buttondir.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\cursors.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_1000.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_2000.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_3000.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bar.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bbar1.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_logos.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_other.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_weather.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\default.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\email-t1-bg.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\icons2.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_games_icon.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_video.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords1.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\layout.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\linkpathlegal.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\progress.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\s_icons_buttons.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\sales_buttons.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.txt
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\t2_bg.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\top7.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\tsd_bg.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_btn.xip
C:\Documents and Settings\acer1640\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_ie_menu.xip
C:\Documents and Settings\acer1640\Menu Démarrer\Antivirus 2009
C:\Documents and Settings\acer1640\Menu Démarrer\Antivirus 2009\Antivirus 2009.lnk
C:\Documents and Settings\acer1640\Menu Démarrer\Antivirus 2009\Uninstall Antivirus 2009.lnk
C:\Documents and Settings\acer1640\Menu Démarrer\Programmes\PlayMP3z
C:\Documents and Settings\acer1640\Menu Démarrer\Programmes\PlayMP3z\Run PlayMP3z.lnk
C:\Documents and Settings\All Users\Application Data\ZangoSA
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA.dat
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA_kyf.dat
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAAbout.mht
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAau.dat
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAEula.mht
C:\Program Files\Antivirus 2009
C:\Program Files\Antivirus 2009\av2009.exe
C:\Program Files\PlayMP3z
C:\Program Files\PlayMP3z\uninstall.exe
C:\Program Files\zango
C:\Program Files\zango\bin\10.0.370.0\copyright.txt
C:\Program Files\zango\bin\10.0.370.0\firefox\extensions\components\npclntax.xpt
C:\Program Files\zango\bin\10.0.370.0\firefox\extensions\install.rdf
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\bmxlar.dll
C:\WINDOWS\system32\CbHOonpo.ini
C:\WINDOWS\system32\CbHOonpo.ini2
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\ftsawovr.dll
C:\WINDOWS\system32\opnoOHbC.dll
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\snksydrl.dll
C:\WINDOWS\system32\tvjhakxu.dll
C:\WINDOWS\system32\uxkahjvt.ini
C:\WINDOWS\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-20 to 2008-07-20 ))))))))))))))))))))))))))))))))))))
.

2008-07-20 15:26 . 2008-07-20 15:26 <REP> d-------- C:\Program Files\Avira
2008-07-20 15:26 . 2008-07-20 15:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-07-20 15:03 . 2008-07-20 15:03 <REP> d-------- C:\Deckard
2008-07-20 12:48 . 2008-07-20 12:48 0 --a------ C:\WINDOWS\BM313e2b3d.xml
2008-07-20 12:29 . 2008-07-20 12:29 25,888 --a------ C:\WINDOWS\system32\nnnoMEtR.dll
2008-07-20 12:28 . 2008-07-20 12:29 25,888 --a------ C:\WINDOWS\system32\rqRJCtRK.dll
2008-07-20 12:12 . 2008-07-20 12:12 <REP> d-------- C:\Program Files\Trend Micro
2008-07-20 11:43 . 2008-07-20 11:43 7,168 --ahs---- C:\WINDOWS\Thumbs.db
2008-07-20 11:43 . 2008-07-20 11:43 5,632 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-07-16 11:46 . 2008-07-16 11:46 <REP> d-------- C:\Program Files\Securitoo
2008-07-16 11:46 . 2008-07-16 11:46 <REP> d-------- C:\Documents and Settings\acer1640\Application Data\InstallShield
2008-07-16 11:24 . 2008-07-16 11:24 <REP> d-------- C:\Program Files\SAGEM
2008-07-10 18:56 . 2008-07-10 18:56 <REP> d-------- C:\Program Files\Sun
2008-07-02 20:47 . 2008-07-02 20:47 <REP> d--hs---- C:\FOUND.002
2008-06-20 13:10 . 2008-06-20 13:10 221 --a------ C:\WINDOWS\NCLogConfig.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dnsapi(2).dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-11 15:05 --------- d-----w C:\Program Files\AskTBar
2008-06-11 14:51 --------- d-----w C:\Program Files\ALO SOFT
2008-06-11 12:17 --------- d-----w C:\Program Files\Alwil Software
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-05-22 22:22 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-05-22 22:22 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-05-22 22:19 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-05-22 22:19 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-05-22 22:19 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-05-22 22:18 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2008-04-23 20:16 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-04-22 07:41 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-04-22 07:41 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-04-22 07:39 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-20 05:07 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2006-08-01 17:19 0 ----a-w C:\Documents and Settings\acer1640\Application Data\wklnhst.dat
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"LightScribe Control Panel"="C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2007-08-23 17:36 455968]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-19 18:21 68856]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2007-11-06 08:31 791792]
"eMuleAutoStart"="C:\eMule\emule.exe" [2007-05-13 15:57 5308416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 19:51 53248]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-08 14:44 98394]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-08 14:43 688218]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 05:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 05:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]
"PCMService"="C:\Program Files\Acer\Acer Arcade\PCMService.exe" [2005-08-31 19:59 147456]
"EPM-DM"="c:\acer\epm\epm-dm.exe" [2005-08-11 19:21 200704]
"ePowerManagement"="C:\Acer\ePM\ePM.exe" [2005-03-15 10:03 2893824]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-06-08 11:02 94208]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-06-08 10:59 77824]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2005-06-08 11:03 114688]
"SystrayORAHSS"="C:\Program Files\Orange\Systray\SystrayApp.exe" [2007-09-25 20:08 94208]
"ORAHSSSessionManager"="C:\Program Files\Orange\SessionManager\SessionManager.exe" [2007-09-25 19:10 102400]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-08-09 15:17 14743552 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= C:\PROGRA~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqnrs08.exe"=
"C:\\eMule\\emule.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=

R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 13:10]
R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-07 18:08]
R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 16:58]
R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]
S2 NMSAccessU;NMSAccessU;C:\Program Files\ALO SOFT\ALO CD BURNER\NMSAccessU.exe []
S3 archbus;NEC WMC USB_BJ1 Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\archbus.sys [2005-08-30 12:17]
S3 archmdfl;NEC WMC USB_BJ1 Modem Filter;C:\WINDOWS\system32\DRIVERS\archmdfl.sys [2005-08-30 12:17]
S3 archmdm;NEC WMC USB_BJ1 Port Drivers;C:\WINDOWS\system32\DRIVERS\archmdm.sys [2005-08-30 12:17]
S3 archobex;NEC WMC USB_BJ1 OBEX Interface Drivers (WDM);C:\WINDOWS\system32\DRIVERS\archobex.sys [2005-08-30 12:17]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 17:23]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 11:33]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 11:33]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 11:33]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 11:33]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 11:33]
S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 14:58]
S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 14:58]
S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 14:58]
S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 14:58]
S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 14:58]
S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 14:58]
S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 14:58]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b28551a4-aa35-11dc-9e07-0013ce93d3f9}]
\Shell\AutoRun\command - F:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee74d244-7014-11dc-9da5-0013ce93d3f9}]
\Shell\AutoRun\command - F:\InstallTomTomHOME.exe

*Newly Created Service* - SSMDRV

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-07-15 06:50:42 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-09-19 07:04:38 C:\WINDOWS\Tasks\MP Scheduled Quick Scan.job"
- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpCmdRun.exe%Scan -RestrictPrivileges -ScanType 1
.
- - - - ORPHANS REMOVED - - - -

BHO-{4F06B779-D0FD-4580-8C9B-6EAEB70F10AE} - C:\WINDOWS\system32\wvUoNfCU.dll
ShellIconOverlayIdentifiers-{9D1F87E7-4D72-41AB-9D57-D101A08F20E5} - C:\WINDOWS\System32\dspvfx.dll
HKLM-Run-Adobe Photo Downloader - C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
HKLM-Run-320d18a1 - C:\WINDOWS\system32\tvjhakxu.dll
HKLM-Run-BM313e2b3d - C:\WINDOWS\system32\ftsawovr.dll
HKU-Default-Run-Picasa Media Detector - C:\Program Files\Picasa2\PicasaMediaDetector.exe
ShellExecuteHooks-{483910AC-20E0-42A6-B6F5-3902EEF878D0} - (no file)
ShellExecuteHooks-{4F06B779-D0FD-4580-8C9B-6EAEB70F10AE} - C:\WINDOWS\system32\wvUoNfCU.dll
Notify-wvUoNfCU - wvUoNfCU.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-20 16:16:54
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\[u]0[/u]\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\[u]0[/u]\AlertModule.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\[u]0[/u]\FTCOMModule.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-20 16:21:02 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-20 14:20:56

Pre-Run: 17,322,278,912 octets libres
Post-Run: 17,280,040,960 octets libres

562 --- E O F --- 2008-07-10 16:45:30

Voilà le nouveau rapport :

ComboFix 08-07-19.1 - acer1640 2008-07-20 17:00:51.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.582 [GMT 2:00]
Endroit: C:\Documents and Settings\acer1640\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\acer1640\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

FILE ::
C:\FOUND.002
C:\Program Files\AskTBar
C:\WINDOWS\BM313e2b3d.xml
C:\WINDOWS\system32\nnnoMEtR.dll
C:\WINDOWS\system32\rqRJCtRK.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BM313e2b3d.xml
C:\WINDOWS\system32\nnnoMEtR.dll
C:\WINDOWS\system32\rqRJCtRK.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2008-06-20 to 2008-07-20 ))))))))))))))))))))))))))))))))))))
.

2008-07-20 15:26 . 2008-07-20 15:26 <REP> d-------- C:\Program Files\Avira
2008-07-20 15:26 . 2008-07-20 15:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-07-20 15:03 . 2008-07-20 15:03 <REP> d-------- C:\Deckard
2008-07-20 12:12 . 2008-07-20 12:12 <REP> d-------- C:\Program Files\Trend Micro
2008-07-20 11:43 . 2008-07-20 11:43 7,168 --ahs---- C:\WINDOWS\Thumbs.db
2008-07-20 11:43 . 2008-07-20 11:43 5,632 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-07-16 11:46 . 2008-07-16 11:46 <REP> d-------- C:\Program Files\Securitoo
2008-07-16 11:46 . 2008-07-16 11:46 <REP> d-------- C:\Documents and Settings\acer1640\Application Data\InstallShield
2008-07-16 11:24 . 2008-07-16 11:24 <REP> d-------- C:\Program Files\SAGEM
2008-07-10 18:56 . 2008-07-10 18:56 <REP> d-------- C:\Program Files\Sun
2008-07-02 20:47 . 2008-07-02 20:47 <REP> d--hs---- C:\FOUND.002
2008-06-20 13:10 . 2008-06-20 13:10 221 --a------ C:\WINDOWS\NCLogConfig.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dnsapi(2).dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-11 15:05 --------- d-----w C:\Program Files\AskTBar
2008-06-11 14:51 --------- d-----w C:\Program Files\ALO SOFT
2008-06-11 12:17 --------- d-----w C:\Program Files\Alwil Software
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-05-22 22:22 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-05-22 22:22 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-05-22 22:19 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-05-22 22:19 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-05-22 22:19 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-05-22 22:18 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:15 1,293,824 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2008-04-23 20:16 3,591,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-04-22 07:41 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-04-22 07:41 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-04-22 07:39 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-20 05:07 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2006-08-01 17:19 0 ----a-w C:\Documents and Settings\acer1640\Application Data\wklnhst.dat
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"LightScribe Control Panel"="C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2007-08-23 17:36 455968]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-19 18:21 68856]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2007-11-06 08:31 791792]
"eMuleAutoStart"="C:\eMule\emule.exe" [2007-05-13 15:57 5308416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 19:51 53248]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-08 14:44 98394]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-08 14:43 688218]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 05:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 05:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 05:00 455168]
"PCMService"="C:\Program Files\Acer\Acer Arcade\PCMService.exe" [2005-08-31 19:59 147456]
"EPM-DM"="c:\acer\epm\epm-dm.exe" [2005-08-11 19:21 200704]
"ePowerManagement"="C:\Acer\ePM\ePM.exe" [2005-03-15 10:03 2893824]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-06-08 11:02 94208]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-06-08 10:59 77824]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2005-06-08 11:03 114688]
"SystrayORAHSS"="C:\Program Files\Orange\Systray\SystrayApp.exe" [2007-09-25 20:08 94208]
"ORAHSSSessionManager"="C:\Program Files\Orange\SessionManager\SessionManager.exe" [2007-09-25 19:10 102400]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-08-09 15:17 14743552 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= C:\PROGRA~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqnrs08.exe"=
"C:\\eMule\\emule.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=

R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2004-07-19 13:10]
R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-07 18:08]
R2 osaio;osaio;C:\WINDOWS\system32\drivers\osaio.sys [2005-06-30 16:58]
R2 osanbm;osanbm;C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 15:57]
S2 NMSAccessU;NMSAccessU;C:\Program Files\ALO SOFT\ALO CD BURNER\NMSAccessU.exe []
S3 archbus;NEC WMC USB_BJ1 Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\archbus.sys [2005-08-30 12:17]
S3 archmdfl;NEC WMC USB_BJ1 Modem Filter;C:\WINDOWS\system32\DRIVERS\archmdfl.sys [2005-08-30 12:17]
S3 archmdm;NEC WMC USB_BJ1 Port Drivers;C:\WINDOWS\system32\DRIVERS\archmdm.sys [2005-08-30 12:17]
S3 archobex;NEC WMC USB_BJ1 OBEX Interface Drivers (WDM);C:\WINDOWS\system32\DRIVERS\archobex.sys [2005-08-30 12:17]
S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 17:23]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 11:33]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 11:33]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 11:33]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 11:33]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 11:33]
S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 14:58]
S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 14:58]
S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 14:58]
S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 14:58]
S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 14:58]
S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 14:58]
S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 14:58]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b28551a4-aa35-11dc-9e07-0013ce93d3f9}]
\Shell\AutoRun\command - F:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ee74d244-7014-11dc-9da5-0013ce93d3f9}]
\Shell\AutoRun\command - F:\InstallTomTomHOME.exe

*Newly Created Service* - SSMDRV

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-07-15 06:50:42 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-09-19 07:04:38 C:\WINDOWS\Tasks\MP Scheduled Quick Scan.job"
- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpCmdRun.exe%Scan -RestrictPrivileges -ScanType 1
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-20 17:01:56
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-07-20 17:02:19
ComboFix-quarantined-files.txt 2008-07-20 15:02:18
ComboFix2.txt 2008-07-20 14:21:04

Pre-Run: 17,237,704,704 octets libres
Post-Run: 17,227,874,304 octets libres

206 --- E O F --- 2008-07-10 16:45:30

Voilà ce qui est écrit :


Deckard's System Scanner v20071014.68
Run by acer1640 on 2008-07-20 17:42:19
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as acer1640.exe) --------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:42:23, on 20/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\acer1640\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\acer1640.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?rls=ig&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [eMuleAutoStart] C:\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - https://tiragesphoto.fnac.com/
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.photoservice.com/telechargement/ImageUploader4.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\ALO SOFT\ALO CD BURNER\NMSAccessU.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

Bonjour,

Tu es bien matinal et dispo pour des conseils : merci
Comme je le disais à ep44, je n'ai rien en quarantaine lorsque la recherche se termine donc rien à supprimer. Nénamoins, le bilan de la recherche n'annonce bien 21 fichiers infectés