Mon ordinateur portable se coupe tout seul

Bonjour je vous écrit car mon ordianteur portable après un temps d'utilisation se coupe tout seul.
J'ai constasté qu'il se coupe la plupart du temps lorsque je suis entrain d'utiliser un jeu ou alors que je regarde un film sur internet.
J'ai également remarqué que juste avant de se couper brusquement le son se coupe pendant a peu près deux secondes et que si j'essaie de rallumer l'ordianteur peu de temps après il s'éteind de nouveau....
Que se passe t-il? Comment remèdier a des interruptions?? Serait-il possible que cela soit lié à un virus???
SVP aidez moi.......

Salut,

C'est peut-être un problème matériel.

http://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Fais cette manipulation et poste le rapport obtenu dans ta prochaine réponse.

Merci beaucoup de votre réponse avant de lancer Combofix je voulait savoir si il existait un risque de perte de mes données qui sont sur mon ordinateur. Me suffit-il uniquement d'installer le logiciel et de le lancer directement pour avoir un rapport?

Pas de problème de perte de données.

Merci de m'avoir rassuré
Voici le rapport Combofix :

ComboFix 08-11-06.01 - Flo 2008-11-08 0:43:14.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1340 [GMT 1:00]
Lancé depuis: c:\users\Flo\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Flo\AppData\Local\hauobc.dat
c:\users\Flo\AppData\Local\hauobc.exe
c:\users\Flo\AppData\Local\hauobc_nav.dat
c:\users\Flo\AppData\Local\hauobc_navps.dat
c:\windows\Downloaded Program Files\setup.inf
c:\windows\system32\MSINET.oca
c:\windows\system32\x64

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-07 au 2008-11-07 ))))))))))))))))))))))))))))))))))))
.

2008-11-02 21:14 . 2008-11-02 21:14 <REP> d-------- C:\ATI
2008-11-02 20:42 . 2008-11-02 20:42 <REP> d-------- c:\program files\Microsoft Silverlight
2008-11-02 20:37 . 2008-08-05 10:49 428,544 --a------ c:\windows\System32\EncDec.dll
2008-11-02 20:37 . 2008-08-05 10:49 293,376 --a------ c:\windows\System32\psisdecd.dll
2008-11-02 20:37 . 2008-08-05 10:48 217,088 --a------ c:\windows\System32\psisrndr.ax
2008-11-02 20:37 . 2008-08-05 10:48 177,664 --a------ c:\windows\System32\mpg2splt.ax
2008-11-02 20:37 . 2008-08-05 10:48 80,896 --a------ c:\windows\System32\MSNP.ax
2008-10-31 19:04 . 2008-10-31 19:10 <REP> d-------- c:\users\Flo\AppData\Roaming\foobar2000
2008-10-29 16:22 . 2008-10-29 16:22 <REP> d-------- c:\program files\InstallShield Installation Information
2008-10-29 16:21 . 2008-10-29 16:21 <REP> d-------- c:\program files\Veoh Networks
2008-10-29 15:58 . 2007-03-09 16:18 221,184 --a------ c:\windows\InZU31.exe
2008-10-29 12:00 . 2008-08-12 04:39 443,392 --a------ c:\windows\System32\win32spl.dll
2008-10-29 12:00 . 2008-09-18 05:56 147,456 --a------ c:\windows\System32\Faultrep.dll
2008-10-29 12:00 . 2008-09-18 05:56 125,952 --a------ c:\windows\System32\wersvc.dll
2008-10-15 11:46 . 2008-10-02 04:49 827,392 --a------ c:\windows\System32\wininet.dll
2008-10-15 11:45 . 2008-10-02 02:32 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2008-10-15 10:29 . 2008-09-18 06:09 3,601,464 --a------ c:\windows\System32\ntkrnlpa.exe
2008-10-15 10:29 . 2008-09-18 06:09 3,549,240 --a------ c:\windows\System32\ntoskrnl.exe
2008-10-15 10:29 . 2008-08-27 02:06 288,768 --a------ c:\windows\System32\drivers\srv.sys
2008-10-15 10:15 . 2008-09-18 03:16 2,032,640 --a------ c:\windows\System32\win32k.sys
2008-10-14 19:24 . 2008-10-16 11:53 <REP> d-------- c:\users\Flo\AppData\Roaming\LimeWire
2008-10-10 18:16 . 2008-10-10 18:16 <REP> d-------- c:\program files\Common Files\Steam

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-07 17:51 --------- d-----w c:\program files\MSN Messenger
2008-11-06 20:33 --------- d-----w c:\users\Flo\AppData\Roaming\U3
2008-10-29 13:42 --------- d-----w c:\program files\Microsoft IntelliPoint
2008-10-29 13:42 --------- d-----w c:\program files\Launch Manager
2008-10-29 13:42 --------- d-----w c:\program files\K-Lite Codec Pack
2008-10-29 13:42 --------- d-----w c:\program files\Java
2008-10-29 13:41 --------- d-----w c:\program files\Windows Photo Gallery
2008-10-29 13:41 --------- d-----w c:\program files\Windows Journal
2008-10-29 13:41 --------- d-----w c:\program files\Intel
2008-10-26 15:42 2,606 ----a-w c:\users\Flo\AppData\Roaming\wklnhst.dat
2008-10-16 18:50 --------- d-----w c:\program files\Windows Mail
2008-10-16 10:15 --------- d-----w c:\programdata\Microsoft Help
2008-10-15 21:26 --------- d-----w c:\users\Flo\AppData\Roaming\Media Center Programs
2008-10-05 19:48 --------- d-----w c:\programdata\Apple Computer
2008-10-05 19:48 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-30 09:30 --------- d-----w c:\programdata\Lavasoft
2008-09-30 09:26 --------- d-----w c:\program files\Lavasoft
2008-09-30 09:26 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-09-30 09:14 --------- d-----w c:\programdata\VadeRetro
2008-09-30 09:11 --------- d-----w c:\users\Flo\AppData\Roaming\VadeRetro
2008-09-29 13:01 2,560 ----a-w c:\windows\_MSRSTRT.EXE
2008-09-17 15:52 --------- d-----w c:\program files\Common Files\Apple
2008-09-17 15:44 --------- d-----w c:\program files\Bonjour
2008-09-12 15:06 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-09-12 15:06 103,736 ----a-w c:\windows\System32\PnkBstrB.exe
2008-08-29 08:18 87,336 ----a-w c:\windows\System32\dns-sd.exe
2008-08-29 07:53 61,440 ----a-w c:\windows\System32\dnssd.dll
2008-06-06 09:57 174 --sha-w c:\program files\desktop.ini
2007-12-25 01:43 22,328 ----a-w c:\users\Flo\AppData\Roaming\PnkBstrK.sys
2007-12-08 09:52 233,472 ----a-w c:\users\Flo\AppData\Roaming\REX Shared Library.dll
2007-12-08 09:52 225,280 ----a-w c:\users\Flo\AppData\Roaming\Rewire.dll
2002-08-26 17:54 327,680 ----a-r c:\users\Flo\AppData\Roaming\MafiaSetup.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"ares"="c:\program files\Ares\Ares.exe" [2007-12-31 962560]
"Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" [2008-09-26 3660848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-05-09 1286144]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-12 457728]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-04-04 678672]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-09-02 266497]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-11-07 159744]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-10 c:\windows\RtHDVCpl.exe]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2001-01-10 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=eNetHook.dll

[HKLM\~\startupfolder\C:^Users^Flo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Téléchargez gratuitement 2 titres audios.lnk]
path=c:\users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Téléchargez gratuitement 2 titres audios.lnk
backup=c:\windows\pss\Téléchargez gratuitement 2 titres audios.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
--a------ 2007-02-15 18:39 151552 c:\acer\AcerTour\Reminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-09-03 19:12 111936 c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
--a------ 2007-12-31 15:29 962560 c:\program files\Ares\Ares.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
--a------ 2006-06-12 13:32 700416 c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
--a------ 2007-02-06 00:52 849280 c:\program files\Microsoft IntelliPoint\ipoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 17:57 289576 D:\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
--------- 2007-05-03 10:16 206952 c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSet]
--a------ 2007-03-09 17:51 45056 c:\windows\PLFSet.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
--a------ 2006-11-10 11:35 90112 c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-10-10 18:14 1410296 D:\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-06-16 20:36 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-09-26 19:14 3660848 c:\program files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
--a------ 2006-11-05 20:48 57344 c:\acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
--a------ 2007-05-07 11:51 1826816 c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{F4F6F825-4E89-486A-8B95-3192340F817A}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{28276C90-044D-4DD6-8E4D-FC3B032F02B6}"= c:\program files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine
"{3B2A64A9-C232-4765-AE81-D5C8F5CE7259}"= c:\program files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician
"{0F36CD92-4215-41E1-8427-8FDC82BC297D}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia
"{E3AD86A2-0361-4E7B-9E46-FCC6BCEB485D}"= c:\program files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard
"{C2DA6328-0705-499B-B8E6-95D7426FAB66}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{6EF6711E-5547-43D9-84B2-2BAD84EAF4ED}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{DAB198F0-26F2-4555-B0C1-37E127744911}"= c:\program files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie
"{9767B165-41D9-456E-AB57-2E66087E7BD5}"= c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program
"{4E5258EA-245A-458B-9B16-85083C48C43D}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{122424D4-7311-463A-A17D-40363CA4347F}c:\\program files\\sierra\\fear\\fpupdate.exe"= UDP:c:\program files\sierra\fear\fpupdate.exe:fpupdate
"UDP Query User{6C102FC5-0343-4E8E-89B0-CFA130555EA2}c:\\program files\\sierra\\fear\\fpupdate.exe"= TCP:c:\program files\sierra\fear\fpupdate.exe:fpupdate
"{3F29F6A6-2EA9-40C8-8261-F7425A46B247}"= UDP:c:\program files\Sierra\FEAR\FEAR.exe:FEAR
"{F3D958A2-6F5C-40B4-8A12-714DD517B125}"= TCP:c:\program files\Sierra\FEAR\FEAR.exe:FEAR
"{89027A54-1984-4FA3-BA6D-2AD9A89CD7F7}"= UDP:c:\program files\Sierra\FEAR\FEARMP.exe:FEAR
"{2F71E015-E287-4E0E-8DB9-D97C73186968}"= TCP:c:\program files\Sierra\FEAR\FEARMP.exe:FEAR
"TCP Query User{9B64581C-48F5-43FA-BDBC-06CB811F3274}c:\\users\\flo\\desktop\\warcraft iii\\war3.exe"= UDP:c:\users\flo\desktop\warcraft iii\war3.exe:war3.exe
"UDP Query User{A7E3EC21-CD48-4020-BF54-6FE1EE355EE3}c:\\users\\flo\\desktop\\warcraft iii\\war3.exe"= TCP:c:\users\flo\desktop\warcraft iii\war3.exe:war3.exe
"TCP Query User{FC06F41F-FF66-47A1-A21D-9A939DDF0DDA}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{195C577B-2E76-4923-95E9-93B1753D7F1F}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{F795ECD2-920F-45D2-A0BB-08477C410A71}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{7BE6A109-275B-42F6-A2D4-026FDD2C83E9}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{339CA8F2-5B1D-4D36-9D77-D1001F2F4E1F}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{014317EC-0E19-4DB4-A5FA-F45D33193401}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{9EB34EFD-2CA2-4567-BC5D-5D17A3B0249D}"= UDP:c:\program files\FrostWire\FrostWire.exe:LimeWire
"{68C4A4F3-C626-4FFF-9004-09790793C410}"= TCP:c:\program files\FrostWire\FrostWire.exe:LimeWire
"TCP Query User{FC38239E-75F7-4862-8F1F-31F3E5024740}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{6CC855A6-F0B4-483C-94B6-021DCE5BF439}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows
"TCP Query User{D0FD599F-F5E2-4AF6-A1F4-FECA401DD328}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{E36DAD49-562D-457B-BAAD-B95B97A15D71}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"{69901ECF-7CF6-42B8-9C1B-7515CB4FBE93}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{7FD5DBEB-CD62-49ED-9F14-ADA4129AA981}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{98C4AC8E-66EF-420B-83DD-3B95D9F200F9}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{C2D1729F-76B6-4332-B977-DF8DA5FB9E36}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{00CDF089-CFF7-475D-9F29-32DEB5FADB06}c:\\program files\\azureus\\azureus.exe"= UDP:c:\program files\azureus\azureus.exe:Azureus
"UDP Query User{F0544D17-C479-4809-B66A-534A9FAFA06A}c:\\program files\\azureus\\azureus.exe"= TCP:c:\program files\azureus\azureus.exe:Azureus
"TCP Query User{631BBB20-AB60-4163-9DF1-C191B5D7BAA2}d:\\sierra\\arcanum\\arcanum.exe"= UDP:d:\sierra\arcanum\arcanum.exe:Arcanum
"UDP Query User{A457EF4F-B9D5-413F-9268-D950D1043395}d:\\sierra\\arcanum\\arcanum.exe"= TCP:d:\sierra\arcanum\arcanum.exe:Arcanum
"TCP Query User{31CC1357-B7F6-4D0D-A78A-24587F6FBA55}d:\\silverfall\\silverfall.exe"= UDP:d:\silverfall\silverfall.exe:Silverfall
"UDP Query User{FCFE2935-77BE-4379-9B71-A1AF4D98CB25}d:\\silverfall\\silverfall.exe"= TCP:d:\silverfall\silverfall.exe:Silverfall
"TCP Query User{6FF68CFA-6A8A-4B0A-9424-0FBDFE27D4E9}d:\\program files\\mohaa.exe"= UDP:d:\program files\mohaa.exe:Medal of Honor Allied Assault(tm)
"UDP Query User{0E0AB83A-BE4C-4A8E-81A9-416809FAAC2F}d:\\program files\\mohaa.exe"= TCP:d:\program files\mohaa.exe:Medal of Honor Allied Assault(tm)
"TCP Query User{07B1DAEC-C190-496B-A2B7-07AE5081FE2A}c:\\program files\\share 1.0 ex2\\share.exe"= UDP:c:\program files\share 1.0 ex2\share.exe:Share
"UDP Query User{B6DA4B94-7AED-4E71-A76A-8475D274539F}c:\\program files\\share 1.0 ex2\\share.exe"= TCP:c:\program files\share 1.0 ex2\share.exe:Share
"TCP Query User{EEF72A69-6FAD-4996-B9AE-DBA18B3BBEDA}c:\\program files\\real\\realplayer\\realplay.exe"= UDP:c:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{BD400E3E-A192-4C93-BF2F-8B3E3878AAA2}c:\\program files\\real\\realplayer\\realplay.exe"= TCP:c:\program files\real\realplayer\realplay.exe:RealPlayer
"{8FE9B927-47CF-4551-9C02-00E65CED0738}"= UDP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{F49326FE-D15F-48C9-B0CA-ED1BEA0C4967}"= TCP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{D716ABE6-E83F-413A-B9CA-A6DE64132AED}"= UDP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{21EFADC3-5AEC-4660-A875-73215A131F68}"= TCP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"TCP Query User{31CE8ADD-765D-4427-8337-AC5F4BA26F6E}d:\\sierra\\fpupdate.exe"= UDP:d:\sierra\fpupdate.exe:fpupdate
"UDP Query User{FEA701E8-DFF5-41B0-A6E7-C3B11FDD0F90}d:\\sierra\\fpupdate.exe"= TCP:d:\sierra\fpupdate.exe:fpupdate
"{A27F36B2-63D9-43A3-90DC-DC504233C7BB}"= UDP:d:\sierra\FEAR.exe:FEAR
"{BB81289D-8B7B-466E-B7B3-0175F7EA6545}"= TCP:d:\sierra\FEAR.exe:FEAR
"{0F57C1B9-4A12-4B0B-9A21-F102F0AC339E}"= UDP:d:\sierra\FEARMP.exe:FEAR
"{60A939F9-BAB0-4B0D-98DF-F4BBC8B024E3}"= TCP:d:\sierra\FEARMP.exe:FEAR
"{03593397-AB84-4B7C-A6F5-FE8DF42299BE}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{341C5ECD-6D5B-4DE2-A0AA-48508DD99296}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{2B024841-3B16-4683-9472-D32AA5DC5140}"= UDP:D:\iTunes.exe:iTunes
"{459D8120-2DB2-45F2-A1CB-006BB1E530A7}"= TCP:D:\iTunes.exe:iTunes
"{A9E7A095-F1BE-4294-9F06-4BBED3751B24}"= UDP:D:\Steam.exe:Steam Client
"{15433B62-C71F-4F3B-9962-1F4D1E4C858A}"= TCP:D:\Steam.exe:Steam Client
"{2D5EC84C-860A-4BBB-801B-B87AA9C9B85C}"= UDP:d:\steamapps\common\Lost Planet Extreme Condition\LostPlanetDx10.exe:LostPlanetDX10
"{454E749D-B41B-4DA8-AFF3-6D74874034AA}"= TCP:d:\steamapps\common\Lost Planet Extreme Condition\LostPlanetDx10.exe:LostPlanetDX10
"{8A643186-2B0D-447F-B28A-4987CD18EEB1}"= UDP:d:\steamapps\common\Lost Planet Extreme Condition\LostPlanetDx9.exe:LostPlanetDX9
"{E21FC015-7358-4C73-BEBE-1E6142E36D07}"= TCP:d:\steamapps\common\Lost Planet Extreme Condition\LostPlanetDx9.exe:LostPlanetDX9
"TCP Query User{75CE2E7B-F9B4-4082-9F7C-7F97E03DAA4D}c:\\users\\flo\\desktop\\crack\\lostplanetdx9.exe"= UDP:c:\users\flo\desktop\crack\lostplanetdx9.exe:lostplanetdx9.exe
"UDP Query User{DF78125E-7BB5-4068-B436-E081ABEDE197}c:\\users\\flo\\desktop\\crack\\lostplanetdx9.exe"= TCP:c:\users\flo\desktop\crack\lostplanetdx9.exe:lostplanetdx9.exe
"TCP Query User{06FF240D-1B2B-4FDF-BE90-0849A82F268F}d:\\emule\\emule.exe"= UDP:d:\emule\emule.exe:eMule
"UDP Query User{A2C311DC-4BC8-494A-BEF9-173E42B2D6CE}d:\\emule\\emule.exe"= TCP:d:\emule\emule.exe:eMule
"TCP Query User{713A7383-3372-4590-9FF8-0ADABD77705E}c:\\users\\flo\\desktop\\lost.planet.extreme.condition-unleashed-crack\\crack\\lostplanetdx9.exe"= UDP:c:\users\flo\desktop\lost.planet.extreme.condition-unleashed-crack\crack\lostplanetdx9.exe:lostplanetdx9.exe
"UDP Query User{859192F2-D95A-425E-A83E-FC2B9BB3DEF0}c:\\users\\flo\\desktop\\lost.planet.extreme.condition-unleashed-crack\\crack\\lostplanetdx9.exe"= TCP:c:\users\flo\desktop\lost.planet.extreme.condition-unleashed-crack\crack\lostplanetdx9.exe:lostplanetdx9.exe
"{3A67F3BA-0B62-4EF8-AB04-44699B9F5649}"= UDP:d:\limewire\LimeWire.exe:LimeWire
"{AA4B6CD9-E02C-4A14-83C3-C7C35547BBE1}"= TCP:d:\limewire\LimeWire.exe:LimeWire
"{E9D5E634-0544-4DDF-A67B-9C67DC70EC3B}"= UDP:d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{DAC83187-4696-49C2-9C59-1EC38885DB69}"= TCP:d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{364E0036-DAAD-4894-902A-AD71D526E1AD}"= UDP:d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{4CCE181F-D61E-4EB6-8697-ACE12E7C08F5}"= TCP:d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{A1864EB5-79E5-4ECA-A429-6FB1F36A085F}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= c:\acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"c:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= c:\acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"c:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= c:\acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 15:51 13560]
R2 ALaunchService;ALaunch Service;c:\acer\ALaunch\ALaunchSvc.exe [2007-01-26 50688]
R3 atikmdag;atikmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2007-05-04 2591232]
R3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
S3 PMUSB2G;PassMark® Software USB 2.0 Loopback plug;c:\windows\system32\Drivers\PMUSB.sys [2004-11-25 18944]
S3 Steam Client Service;Steam Client Service;c:\program files\Common Files\Steam\SteamService.exe [2008-10-10 87288]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4fb4f2c1-1d06-11dc-a2e6-806e6f6e6963}]
\shell\AutoRun\command - F:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ef4b407-30df-11dd-9859-0019d2c4c165}]
\shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7d40ab10-746a-11dd-942d-0019d2c4c165}]
\shell\AutoRun\command - H:\LaunchU3.exe -a
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-IgfxTray - c:\windows\system32\igfxtray.exe
HKLM-Run-HotKeysCmds - c:\windows\system32\hkcmd.exe
HKLM-Run-Persistence - c:\windows\system32\igfxpers.exe
HKLM-Run-ALaunch - c:\acer\ALaunch\AlaunchClient.exe
HKLM-Run-Acer Tour - (no file)
HKLM-Run-eRecoveryService - (no file)
MSConfigStartUp-Adobe Photo Downloader - D:\apdproxy.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-hauobc - c:\users\flo\appdata\local\hauobc.exe
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe
MSConfigStartUp-SetPanel - c:\acer\APanel\APanel.cmd


.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\t2p94jkv.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-08 00:46:47
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


c:\windows\TEMP\TMP0000006AF5A05C146A94D41B

Scan terminé avec succès
Fichiers cachés: 1

**************************************************************************
.
Heure de fin: 2008-11-08 0:49:18
ComboFix-quarantined-files.txt 2008-11-07 23:48:39

Avant-CF: 18,265,194,496 octets libres
Après-CF: 18,621,882,368 octets libres

271 --- E O F --- 2008-11-07 11:35:32

Salut,

Azureus + emule : deux sources potentielles d'infections... tu as peur de rien !

- Redémarre en mode sans-échec.(Important)

- Clique sur le menu démarrer/Exécuter, tape notepad à l’invite de commande et OK.

- Copie/colle ce qui est en citation ci-dessous dans le Bloc-Notes :




- Enregistre ce fichier sur le bureau (Impératif)

-Nom du fichier : CFScript.txt
-Type du fichier : tous les fichiers

- Clique sur Enregistrer et quitte le Bloc Notes

Important Déconnecte toi de l’internet et désactive ton Antivirus et antispyware avant de faire le glisser/déposer

- Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe sur le bureau, comme sur cette capture (l’icône est un lion) :



* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.
* Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
* Si le fichier ne s'ouvre pas, il se trouve ici > C:\ ComboFix.txt.

Bonjour j'ai effectué toutes les manipulations que vous m'avez demandé et durant le processus de Combofix il s'est affiché un message concernant les fichier que vous m'avez demandé de copier coller dans le bloc note. Ce message indiquait : "Accès refusé , vous devez être administrateur" quelque chose comme ça...(enfin en tout cas je pense que les fichiers n'ont pas été supprimé)
J'ai tout de même conservé le nouveau rapport de Combofix que voici :


ComboFix 08-11-06.01 - Flo 2008-11-08 13:36:10.2 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1615 [GMT 1:00]
Lancé depuis: c:\users\Flo\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Flo\Desktop\CFScript.txt

FILE ::
c:\windows\_MSRSTRT.EXE
c:\windows\InZU31.exe
c:\windows\TEMP\TMP0000006AF5A05C146A94D41B
F:\setup.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\_MSRSTRT.EXE
c:\windows\InZU31.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-08 au 2008-11-08 ))))))))))))))))))))))))))))))))))))
.

2008-11-02 21:14 . 2008-11-02 21:14 <REP> d-------- C:\ATI
2008-11-02 20:42 . 2008-11-02 20:42 <REP> d-------- c:\program files\Microsoft Silverlight
2008-11-02 20:37 . 2008-08-05 10:49 428,544 --a------ c:\windows\System32\EncDec.dll
2008-11-02 20:37 . 2008-08-05 10:49 293,376 --a------ c:\windows\System32\psisdecd.dll
2008-11-02 20:37 . 2008-08-05 10:48 217,088 --a------ c:\windows\System32\psisrndr.ax
2008-11-02 20:37 . 2008-08-05 10:48 177,664 --a------ c:\windows\System32\mpg2splt.ax
2008-11-02 20:37 . 2008-08-05 10:48 80,896 --a------ c:\windows\System32\MSNP.ax
2008-10-31 19:04 . 2008-10-31 19:10 <REP> d-------- c:\users\Flo\AppData\Roaming\foobar2000
2008-10-29 16:22 . 2008-10-29 16:22 <REP> d-------- c:\program files\InstallShield Installation Information
2008-10-29 16:21 . 2008-10-29 16:21 <REP> d-------- c:\program files\Veoh Networks
2008-10-29 12:00 . 2008-08-12 04:39 443,392 --a------ c:\windows\System32\win32spl.dll
2008-10-29 12:00 . 2008-09-18 05:56 147,456 --a------ c:\windows\System32\Faultrep.dll
2008-10-29 12:00 . 2008-09-18 05:56 125,952 --a------ c:\windows\System32\wersvc.dll
2008-10-15 11:46 . 2008-10-02 04:49 827,392 --a------ c:\windows\System32\wininet.dll
2008-10-15 11:45 . 2008-10-02 02:32 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2008-10-15 10:29 . 2008-09-18 06:09 3,601,464 --a------ c:\windows\System32\ntkrnlpa.exe
2008-10-15 10:29 . 2008-09-18 06:09 3,549,240 --a------ c:\windows\System32\ntoskrnl.exe
2008-10-15 10:29 . 2008-08-27 02:06 288,768 --a------ c:\windows\System32\drivers\srv.sys
2008-10-15 10:15 . 2008-09-18 03:16 2,032,640 --a------ c:\windows\System32\win32k.sys
2008-10-14 19:24 . 2008-10-16 11:53 <REP> d-------- c:\users\Flo\AppData\Roaming\LimeWire
2008-10-10 18:16 . 2008-10-10 18:16 <REP> d-------- c:\program files\Common Files\Steam

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-07 17:51 --------- d-----w c:\program files\MSN Messenger
2008-11-06 20:33 --------- d-----w c:\users\Flo\AppData\Roaming\U3
2008-10-29 13:42 --------- d-----w c:\program files\Microsoft IntelliPoint
2008-10-29 13:42 --------- d-----w c:\program files\Launch Manager
2008-10-29 13:42 --------- d-----w c:\program files\K-Lite Codec Pack
2008-10-29 13:42 --------- d-----w c:\program files\Java
2008-10-29 13:41 --------- d-----w c:\program files\Windows Photo Gallery
2008-10-29 13:41 --------- d-----w c:\program files\Windows Journal
2008-10-29 13:41 --------- d-----w c:\program files\Intel
2008-10-26 15:42 2,606 ----a-w c:\users\Flo\AppData\Roaming\wklnhst.dat
2008-10-16 18:50 --------- d-----w c:\program files\Windows Mail
2008-10-16 10:15 --------- d-----w c:\programdata\Microsoft Help
2008-10-15 21:26 --------- d-----w c:\users\Flo\AppData\Roaming\Media Center Programs
2008-10-05 19:48 --------- d-----w c:\programdata\Apple Computer
2008-10-05 19:48 --------- d-----w c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-30 09:30 --------- d-----w c:\programdata\Lavasoft
2008-09-30 09:26 --------- d-----w c:\program files\Lavasoft
2008-09-30 09:26 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-09-30 09:14 --------- d-----w c:\programdata\VadeRetro
2008-09-30 09:11 --------- d-----w c:\users\Flo\AppData\Roaming\VadeRetro
2008-09-17 15:52 --------- d-----w c:\program files\Common Files\Apple
2008-09-17 15:44 --------- d-----w c:\program files\Bonjour
2008-09-12 15:06 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-09-12 15:06 103,736 ----a-w c:\windows\System32\PnkBstrB.exe
2008-08-29 08:18 87,336 ----a-w c:\windows\System32\dns-sd.exe
2008-08-29 07:53 61,440 ----a-w c:\windows\System32\dnssd.dll
2008-06-06 09:57 174 --sha-w c:\program files\desktop.ini
2007-12-25 01:43 22,328 ----a-w c:\users\Flo\AppData\Roaming\PnkBstrK.sys
2007-12-08 09:52 233,472 ----a-w c:\users\Flo\AppData\Roaming\REX Shared Library.dll
2007-12-08 09:52 225,280 ----a-w c:\users\Flo\AppData\Roaming\Rewire.dll
2002-08-26 17:54 327,680 ----a-r c:\users\Flo\AppData\Roaming\MafiaSetup.exe
.

((((((((((((((((((((((((((((( snapshot@2008-11-08_ 0.47.46.55 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-11-07 23:29:12 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-11-08 13:28:56 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-11-08 13:28:56 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-11-07 23:29:53 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-11-08 13:28:56 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-11-08 13:28:56 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-11-07 23:30:22 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-11-08 11:45:09 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-11-07 23:30:22 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-11-08 11:45:09 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-11-07 23:30:22 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-11-08 11:45:09 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-11-07 23:34:47 105,276 ----a-w c:\windows\System32\perfc009.dat
+ 2008-11-08 12:31:35 104,666 ----a-w c:\windows\System32\perfc009.dat
- 2008-11-07 23:34:47 128,418 ----a-w c:\windows\System32\perfc00C.dat
+ 2008-11-08 12:31:35 127,834 ----a-w c:\windows\System32\perfc00C.dat
- 2008-11-07 23:34:47 595,946 ----a-w c:\windows\System32\perfh009.dat
+ 2008-11-08 12:31:35 595,336 ----a-w c:\windows\System32\perfh009.dat
- 2008-11-07 23:34:47 679,418 ----a-w c:\windows\System32\perfh00C.dat
+ 2008-11-08 12:31:35 678,432 ----a-w c:\windows\System32\perfh00C.dat
- 2008-11-07 23:30:08 12,080 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-722847408-4120334268-1447528841-1000_UserData.bin
+ 2008-11-08 11:22:41 12,096 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-722847408-4120334268-1447528841-1000_UserData.bin
- 2008-11-07 23:30:08 82,960 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-11-08 11:22:41 82,960 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-11-07 23:30:07 61,874 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-11-08 11:22:39 61,890 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"ares"="c:\program files\Ares\Ares.exe" [2007-12-31 962560]
"Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" [2008-09-26 3660848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-05-09 1286144]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-12 457728]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-04-04 678672]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-09-02 266497]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-11-07 159744]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-10 c:\windows\RtHDVCpl.exe]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2001-01-10 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=eNetHook.dll

[HKLM\~\startupfolder\C:^Users^Flo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Téléchargez gratuitement 2 titres audios.lnk]
path=c:\users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Téléchargez gratuitement 2 titres audios.lnk
backup=c:\windows\pss\Téléchargez gratuitement 2 titres audios.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
--a------ 2007-02-15 18:39 151552 c:\acer\AcerTour\Reminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-09-03 19:12 111936 c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
--a------ 2007-12-31 15:29 962560 c:\program files\Ares\Ares.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
--a------ 2006-06-12 13:32 700416 c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
--a------ 2007-02-06 00:52 849280 c:\program files\Microsoft IntelliPoint\ipoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 17:57 289576 D:\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
--------- 2007-05-03 10:16 206952 c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSet]
--a------ 2007-03-09 17:51 45056 c:\windows\PLFSet.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
--a------ 2006-11-10 11:35 90112 c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-10-10 18:14 1410296 D:\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-06-16 20:36 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-09-26 19:14 3660848 c:\program files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
--a------ 2006-11-05 20:48 57344 c:\acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
--a------ 2007-05-07 11:51 1826816 c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{F4F6F825-4E89-486A-8B95-3192340F817A}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{28276C90-044D-4DD6-8E4D-FC3B032F02B6}"= c:\program files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine
"{3B2A64A9-C232-4765-AE81-D5C8F5CE7259}"= c:\program files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician
"{0F36CD92-4215-41E1-8427-8FDC82BC297D}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia
"{E3AD86A2-0361-4E7B-9E46-FCC6BCEB485D}"= c:\program files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard
"{C2DA6328-0705-499B-B8E6-95D7426FAB66}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{6EF6711E-5547-43D9-84B2-2BAD84EAF4ED}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{DAB198F0-26F2-4555-B0C1-37E127744911}"= c:\program files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie
"{9767B165-41D9-456E-AB57-2E66087E7BD5}"= c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program
"{4E5258EA-245A-458B-9B16-85083C48C43D}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{122424D4-7311-463A-A17D-40363CA4347F}c:\\program files\\sierra\\fear\\fpupdate.exe"= UDP:c:\program files\sierra\fear\fpupdate.exe:fpupdate
"UDP Query User{6C102FC5-0343-4E8E-89B0-CFA130555EA2}c:\\program files\\sierra\\fear\\fpupdate.exe"= TCP:c:\program files\sierra\fear\fpupdate.exe:fpupdate
"{3F29F6A6-2EA9-40C8-8261-F7425A46B247}"= UDP:c:\program files\Sierra\FEAR\FEAR.exe:FEAR
"{F3D958A2-6F5C-40B4-8A12-714DD517B125}"= TCP:c:\program files\Sierra\FEAR\FEAR.exe:FEAR
"{89027A54-1984-4FA3-BA6D-2AD9A89CD7F7}"= UDP:c:\program files\Sierra\FEAR\FEARMP.exe:FEAR
"{2F71E015-E287-4E0E-8DB9-D97C73186968}"= TCP:c:\program files\Sierra\FEAR\FEARMP.exe:FEAR
"TCP Query User{9B64581C-48F5-43FA-BDBC-06CB811F3274}c:\\users\\flo\\desktop\\warcraft iii\\war3.exe"= UDP:c:\users\flo\desktop\warcraft iii\war3.exe:war3.exe
"UDP Query User{A7E3EC21-CD48-4020-BF54-6FE1EE355EE3}c:\\users\\flo\\desktop\\warcraft iii\\war3.exe"= TCP:c:\users\flo\desktop\warcraft iii\war3.exe:war3.exe
"TCP Query User{FC06F41F-FF66-47A1-A21D-9A939DDF0DDA}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{195C577B-2E76-4923-95E9-93B1753D7F1F}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{F795ECD2-920F-45D2-A0BB-08477C410A71}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{7BE6A109-275B-42F6-A2D4-026FDD2C83E9}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{339CA8F2-5B1D-4D36-9D77-D1001F2F4E1F}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{014317EC-0E19-4DB4-A5FA-F45D33193401}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"{9EB34EFD-2CA2-4567-BC5D-5D17A3B0249D}"= UDP:c:\program files\FrostWire\FrostWire.exe:LimeWire
"{68C4A4F3-C626-4FFF-9004-09790793C410}"= TCP:c:\program files\FrostWire\FrostWire.exe:LimeWire
"TCP Query User{FC38239E-75F7-4862-8F1F-31F3E5024740}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{6CC855A6-F0B4-483C-94B6-021DCE5BF439}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows
"TCP Query User{D0FD599F-F5E2-4AF6-A1F4-FECA401DD328}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{E36DAD49-562D-457B-BAAD-B95B97A15D71}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"{69901ECF-7CF6-42B8-9C1B-7515CB4FBE93}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{7FD5DBEB-CD62-49ED-9F14-ADA4129AA981}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{98C4AC8E-66EF-420B-83DD-3B95D9F200F9}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{C2D1729F-76B6-4332-B977-DF8DA5FB9E36}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{00CDF089-CFF7-475D-9F29-32DEB5FADB06}c:\\program files\\azureus\\azureus.exe"= UDP:c:\program files\azureus\azureus.exe:Azureus
"UDP Query User{F0544D17-C479-4809-B66A-534A9FAFA06A}c:\\program files\\azureus\\azureus.exe"= TCP:c:\program files\azureus\azureus.exe:Azureus
"TCP Query User{631BBB20-AB60-4163-9DF1-C191B5D7BAA2}d:\\sierra\\arcanum\\arcanum.exe"= UDP:d:\sierra\arcanum\arcanum.exe:Arcanum
"UDP Query User{A457EF4F-B9D5-413F-9268-D950D1043395}d:\\sierra\\arcanum\\arcanum.exe"= TCP:d:\sierra\arcanum\arcanum.exe:Arcanum
"TCP Query User{31CC1357-B7F6-4D0D-A78A-24587F6FBA55}d:\\silverfall\\silverfall.exe"= UDP:d:\silverfall\silverfall.exe:Silverfall
"UDP Query User{FCFE2935-77BE-4379-9B71-A1AF4D98CB25}d:\\silverfall\\silverfall.exe"= TCP:d:\silverfall\silverfall.exe:Silverfall
"TCP Query User{6FF68CFA-6A8A-4B0A-9424-0FBDFE27D4E9}d:\\program files\\mohaa.exe"= UDP:d:\program files\mohaa.exe:Medal of Honor Allied Assault(tm)
"UDP Query User{0E0AB83A-BE4C-4A8E-81A9-416809FAAC2F}d:\\program files\\mohaa.exe"= TCP:d:\program files\mohaa.exe:Medal of Honor Allied Assault(tm)
"TCP Query User{07B1DAEC-C190-496B-A2B7-07AE5081FE2A}c:\\program files\\share 1.0 ex2\\share.exe"= UDP:c:\program files\share 1.0 ex2\share.exe:Share
"UDP Query User{B6DA4B94-7AED-4E71-A76A-8475D274539F}c:\\program files\\share 1.0 ex2\\share.exe"= TCP:c:\program files\share 1.0 ex2\share.exe:Share
"TCP Query User{EEF72A69-6FAD-4996-B9AE-DBA18B3BBEDA}c:\\program files\\real\\realplayer\\realplay.exe"= UDP:c:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{BD400E3E-A192-4C93-BF2F-8B3E3878AAA2}c:\\program files\\real\\realplayer\\realplay.exe"= TCP:c:\program files\real\realplayer\realplay.exe:RealPlayer
"{8FE9B927-47CF-4551-9C02-00E65CED0738}"= UDP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{F49326FE-D15F-48C9-B0CA-ED1BEA0C4967}"= TCP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{D716ABE6-E83F-413A-B9CA-A6DE64132AED}"= UDP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{21EFADC3-5AEC-4660-A875-73215A131F68}"= TCP:c:\program files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"TCP Query User{31CE8ADD-765D-4427-8337-AC5F4BA26F6E}d:\\sierra\\fpupdate.exe"= UDP:d:\sierra\fpupdate.exe:fpupdate
"UDP Query User{FEA701E8-DFF5-41B0-A6E7-C3B11FDD0F90}d:\\sierra\\fpupdate.exe"= TCP:d:\sierra\fpupdate.exe:fpupdate
"{A27F36B2-63D9-43A3-90DC-DC504233C7BB}"= UDP:d:\sierra\FEAR.exe:FEAR
"{BB81289D-8B7B-466E-B7B3-0175F7EA6545}"= TCP:d:\sierra\FEAR.exe:FEAR
"{0F57C1B9-4A12-4B0B-9A21-F102F0AC339E}"= UDP:d:\sierra\FEARMP.exe:FEAR
"{60A939F9-BAB0-4B0D-98DF-F4BBC8B024E3}"= TCP:d:\sierra\FEARMP.exe:FEAR
"{03593397-AB84-4B7C-A6F5-FE8DF42299BE}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{341C5ECD-6D5B-4DE2-A0AA-48508DD99296}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{2B024841-3B16-4683-9472-D32AA5DC5140}"= UDP:D:\iTunes.exe:iTunes
"{459D8120-2DB2-45F2-A1CB-006BB1E530A7}"= TCP:D:\iTunes.exe:iTunes
"{A9E7A095-F1BE-4294-9F06-4BBED3751B24}"= UDP:D:\Steam.exe:Steam Client
"{15433B62-C71F-4F3B-9962-1F4D1E4C858A}"= TCP:D:\Steam.exe:Steam Client
"{2D5EC84C-860A-4BBB-801B-B87AA9C9B85C}"= UDP:d:\steamapps\common\Lost Planet Extreme Condition\LostPlanetDx10.exe:LostPlanetDX10
"{454E749D-B41B-4DA8-AFF3-6D74874034AA}"= TCP:d:\steamapps\common\Lost Planet Extreme Condition\LostPlanetDx10.exe:LostPlanetDX10
"{8A643186-2B0D-447F-B28A-4987CD18EEB1}"= UDP:d:\steamapps\common\Lost Planet Extreme Condition\LostPlanetDx9.exe:LostPlanetDX9
"{E21FC015-7358-4C73-BEBE-1E6142E36D07}"= TCP:d:\steamapps\common\Lost Planet Extreme Condition\LostPlanetDx9.exe:LostPlanetDX9
"TCP Query User{75CE2E7B-F9B4-4082-9F7C-7F97E03DAA4D}c:\\users\\flo\\desktop\\crack\\lostplanetdx9.exe"= UDP:c:\users\flo\desktop\crack\lostplanetdx9.exe:lostplanetdx9.exe
"UDP Query User{DF78125E-7BB5-4068-B436-E081ABEDE197}c:\\users\\flo\\desktop\\crack\\lostplanetdx9.exe"= TCP:c:\users\flo\desktop\crack\lostplanetdx9.exe:lostplanetdx9.exe
"TCP Query User{06FF240D-1B2B-4FDF-BE90-0849A82F268F}d:\\emule\\emule.exe"= UDP:d:\emule\emule.exe:eMule
"UDP Query User{A2C311DC-4BC8-494A-BEF9-173E42B2D6CE}d:\\emule\\emule.exe"= TCP:d:\emule\emule.exe:eMule
"TCP Query User{713A7383-3372-4590-9FF8-0ADABD77705E}c:\\users\\flo\\desktop\\lost.planet.extreme.condition-unleashed-crack\\crack\\lostplanetdx9.exe"= UDP:c:\users\flo\desktop\lost.planet.extreme.condition-unleashed-crack\crack\lostplanetdx9.exe:lostplanetdx9.exe
"UDP Query User{859192F2-D95A-425E-A83E-FC2B9BB3DEF0}c:\\users\\flo\\desktop\\lost.planet.extreme.condition-unleashed-crack\\crack\\lostplanetdx9.exe"= TCP:c:\users\flo\desktop\lost.planet.extreme.condition-unleashed-crack\crack\lostplanetdx9.exe:lostplanetdx9.exe
"{3A67F3BA-0B62-4EF8-AB04-44699B9F5649}"= UDP:d:\limewire\LimeWire.exe:LimeWire
"{AA4B6CD9-E02C-4A14-83C3-C7C35547BBE1}"= TCP:d:\limewire\LimeWire.exe:LimeWire
"{E9D5E634-0544-4DDF-A67B-9C67DC70EC3B}"= UDP:d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{DAC83187-4696-49C2-9C59-1EC38885DB69}"= TCP:d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{364E0036-DAAD-4894-902A-AD71D526E1AD}"= UDP:d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{4CCE181F-D61E-4EB6-8697-ACE12E7C08F5}"= TCP:d:\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{A1864EB5-79E5-4ECA-A429-6FB1F36A085F}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= c:\acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"c:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= c:\acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"c:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= c:\acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 15:51 13560]
R2 ALaunchService;ALaunch Service;c:\acer\ALaunch\ALaunchSvc.exe [2007-01-26 50688]
R3 atikmdag;atikmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2007-05-04 2591232]
R3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
S3 PMUSB2G;PassMark® Software USB 2.0 Loopback plug;c:\windows\system32\Drivers\PMUSB.sys [2004-11-25 18944]
S3 Steam Client Service;Steam Client Service;c:\program files\Common Files\Steam\SteamService.exe [2008-10-10 87288]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4fb4f2c1-1d06-11dc-a2e6-806e6f6e6963}]
\shell\AutoRun\command - F:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ef4b407-30df-11dd-9859-0019d2c4c165}]
\shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7d40ab10-746a-11dd-942d-0019d2c4c165}]
\shell\AutoRun\command - H:\LaunchU3.exe -a
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-08 14:29:09
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\audiodg.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\System32\Ati2evxx.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\System32\CTSVCCDA.EXE
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\acer\Empowering Technology\eNet\eNet Service.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\windows\System32\PnkBstrA.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\System32\drivers\XAudio.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
c:\acer\Empowering Technology\ePower\ePowerSvc.exe
c:\windows\System32\wbem\unsecapp.exe
c:\windows\System32\conime.exe
c:\program files\Launch Manager\LManager.exe
c:\acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
c:\users\Flo\AppData\Local\Temp\RtkBtMnt.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\ApntEx.exe
c:\acer\Empowering Technology\eNet\eNMTray.exe
c:\acer\Empowering Technology\ePower\ePower_DMC.exe
c:\acer\Empowering Technology\eRecovery\eRAgent.exe
c:\windows\System32\wbem\WMIADAP.exe
c:\program files\Internet Explorer\ieuser.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Heure de fin: 2008-11-08 14:35:34 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-11-08 13:35:26
ComboFix2.txt 2008-11-07 23:49:19

Avant-CF: Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
Après-CF: 18,094,284,800 octets libres

321 --- E O F --- 2008-11-07 11:35:32

Salut,

>Ouvrez n'importe quelle fenêtre de l'explorateur windows. Celle du poste de travail peut faire l'affaire.


Est-ce que tu vois le "F:\setup.exe" ?

Je ne le voit pas directement mais quand je le recherche grâce à l'outils de recherche il me l'affiche, l'icône est la même qu'un jeu vidéo que j'ai sur mon pc.

En tout cas le fichier n'apparait pas dans la fenêtre du Poste de travail

Alors dès que tu l'as trouvé avec l'outil de recherche, supprime-le.

Suis à présent, cette manipulation : http://www.site-naheulbeuk.com/sdfix.php

Oublie pas le rapport.

J'ai eu quelque problèmes avec sdfix.
J'ai effectué le dézipage et le lancement du programme en mode sans echec comme il est indiqué sur le site que vous m'avez donné.
Mais en mode sans echec Sdfix ne se lançait pas une fenêtre bleu s'ouvrait une demi seconde sans que j'ai le temps de faire quoi que se soit.
J'ai tout de même effectué un scan mais en mode normal voici le rapport :

Run on 09/11/2008 at 14:42

Microsoft Windows [version 6.0.6001]

Current user is not an administrator

Running Processes:

C:\Windows\system32\taskeng.exe [1508]
C:\Windows\system32\Dwm.exe [1824]
C:\Windows\Explorer.EXE [2080]
C:\Windows\RtHDVCpl.exe [2324]
C:\Acer\Empowering Technology\eAudio\eAudio.exe [2336]
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe [2348]
C:\Users\Flo\AppData\Local\Temp\RtkBtMnt.exe [2520]
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe [2552]
C:\Program Files\Launch Manager\LManager.exe [2560]
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2572]
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2640]
C:\Program Files\Apoint2K\Apoint.exe [2672]
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [2680]
C:\Program Files\Windows Sidebar\sidebar.exe [2712]
C:\Program Files\MSN Messenger\msnmsgr.exe [2720]
C:\Windows\ehome\ehtray.exe [2744]
C:\Program Files\Ares\Ares.exe [2812]
C:\Windows\ehome\ehmsas.exe [2844]
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2852]
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE [3296]
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE [3400]
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE [3812]
C:\Program Files\Apoint2K\Apntex.exe [4208]
C:\Windows\system32\conime.exe [2736]
C:\Program Files\Internet Explorer\ieuser.exe [4964]
C:\Program Files\Internet Explorer\iexplore.exe [3652]
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe [4752]
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe [6064]


Drivers - Running:

ACPI
AFD
atapi
atksgt
avgio
avipbb
Beep
bowser
cdrom
CLFS
Compbatt
crcdisk
DfsC
disk
Ecache
FileInfo
FltMgr
HTTP
i8042prt
iaStor
iaStorV
int15
kbdclass
kbdhid
KSecDD
lirsgt
lltdio
luafv
mdmxsdk
mouclass
MountMgr
mpsdrv
MRxDAV
mrxsmb
mrxsmb10
mrxsmb20
Msfs
msisadrv
Mup
NativeWifiP
NDIS
Ndisuio
NetBIOS
netbt
NETw4v32
Npfs
nsiproxy
Null
partmgr
pci
pciide
PEAUTH
PSched
PSDFilter
PSDNServ
psdvdisk
PxHelp20
RasAcd
rdbss
RDPCDD
RDPENCDD
rimmptsk
rimsptsk
rismxdp
rspndr
secdrv
Smb
spldr
sptd
srv
srv2
srvnet
ssmdrv
Tcpip
tcpipreg
tdx
TermDD
VgaSave
volmgr
volmgrx
volsnap
Wanarpv6
Wdf01000
XAudio
{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}


Drivers - Stopped:

adp94xx
adpahci
adpu160m
adpu320
agp440
aic78xx
aliide
amdagp
amdide
AmdK7
AmdK8
ApfiltrService
arc
arcsas
AsyncMac
atikmdag
avgntflt
b57nd60x
blbdrive
BrFiltLo
BrFiltUp
Brserid
BrSerWdm
BrUsbMdm
BrUsbSer
BTHMODEM
cdfs
circlass
CmBatt
cmdide
Crusoe
DKbFltr
DritekPortIO
drmkaud
DXGKrnl
E1G60
elxstor
enecir
exfat
fastfat
fdc
Filetrace
flpydisk
gagp30kx
GEARAspiWDM
HdAudAddService
HDAudBus
HidBth
HidIr
HidUsb
HpCISSs
HSFHWAZL
HSF_DPV
HSXHWAZL
i2omp
igfx
iirsp
IntcAzAudAddService
intelide
intelppm
IpFilterDriver
IpInIp
IPMIDRV
IPNAT
IRENUM
isapnp
iScsiPrt
iteatapi
iteraid
LSI_FC
LSI_SAS
LSI_SCSI
megasas
Modem
monitor
mouhid
mpio
Mraid35x
msahci
msdsm
MSKSSRV
MSPCLOCK
MSPQM
MsRPC
mssmbios
MSTEE
NdisTapi
NdisWan
NDProxy
NETw3v32
nfrd960
Ntfs
NTIDrvr
ntrigdigi
nvraid
nvstor
nv_agp
NwlnkFlt
NwlnkFwd
ohci1394
Parport
Parvdm
pcmcia
PMUSB2G
Point32
PptpMiniport
Processor
ql2300
ql40xx
QWAVEdrv
Rasl2tp
RasPppoe
RasSstp
rdpdr
RDPWD
sbp2port
sdbus
Serenum
Serial
sermouse
sffdisk
sffp_mmc
sffp_sd
sfloppy
sisagp
SiSRaid2
SiSRaid4
SNP2UVC
sscdbus
sscdmdfl
sscdmdm
swenum
Symc8xx
Sym_hi
Sym_u3
Tcpip6
TDPIPE
TDTCP
tssecsrv
tunmp
tunnel
uagp35
udfs
UIUSys
uliagpkx
uliahci
UlSata
ulsata2
umbus
usbaudio
usbccgp
usbcir
usbehci
usbhub
usbohci
usbprint
USBSTOR
usbuhci
vga
viaagp
ViaC7
viaide
vsmraid
WacomPen
Wanarp
Wd
winachsf
WmiAcpi
WpdUsb
ws2ifsl
WUDFRd


Services - Running:

aawservice
AeLookupSvc
ALaunchService
AntiVirScheduler
AntiVirService
Appinfo
Apple
Ati
AudioEndpointBuilder
Audiosrv
BFE
BITS
Bonjour
Browser
Creative
CryptSvc
DcomLaunch
Dhcp
Dnscache
DPS
EapHost
eDataSecurity
eLockService
EMDMgmt
eNet
eRecoveryService
eSettingsService
Eventlog
EventSystem
FDResPub
gpsvc
hidserv
IAANTMON
IKEEXT
iphlpsvc
KeyIso
KtmRm
LanmanServer
LanmanWorkstation
LightScribeService
lmhosts
MMCSS
MobilityService
MpsSvc
Netman
netprofm
NlaSvc
nsi
PcaSvc
PlugPlay
PnkBstrA
PolicyAgent
ProfSvc
RasMan
RichVideo
RpcSs
SamSs
Schedule
seclogon
SENS
ShellHWDetection
slsvc
Spooler
SSDPSRV
SstpSvc
stisvc
SysMain
TabletInputService
TapiSrv
TermService
Themes
TrkWks
upnphost
usnjsvc
UxSms
W32Time
WdiSystemHost
WebClient
WerSvc
WinDefend
WinHttpAutoProxySvc
Winmgmt
Wlansvc
WMIService
WPDBusEnum
wscsvc
WSearch
wuauserv
wudfsvc
XAudioService


Services - Stopped:

ALG
AresChatServer
aspnet_state
CertPropSvc
clr_optimization_v2.0.50727_32
CLTNetCnService
COMSysApp
DFSR
dot3svc
ehRecvr
ehSched
ehstart
fdPHost
FontCache3.0.0.0
gusvc
hkmsvc
idsvc
IPBusEnum
iPod
lltdsvc
Mcx2Svc
MSDTC
MSiSCSI
msiserver
napagent
Netlogon
NetTcpPortSharing
odserv
ose
p2pimsvc
p2psvc
pla
PNRPAutoReg
PNRPsvc
ProtectedStorage
QWAVE
RasAuto
RemoteAccess
RemoteRegistry
RpcLocator
SCardSvr
SCPolicySvc
SDRSVC
SessionEnv
SharedAccess
SLUINotify
SNMPTRAP
Steam
swprv
TBS
THREADORDER
TrustedInstaller
UI0Detect
vds
VSS
wcncsvc
WcsPlugInService
WdiServiceHost
Wecsvc
wercplsupport
WinRM
wmiApSrv
WMPNetworkSvc
WPCSvc


Files Created/Modified - 60 Days:


C:\

9 Nov 2008 14:37:22 2 145 402 880 A.SH. "C:\hiberfil.sys"
9 Nov 2008 14:37:22 2 459 201 536 A.SH. "C:\pagefile.sys"


C:\Windows\

9 Nov 2008 14:37:24 67 584 A.S.. "C:\Windows\bootstat.dat"
8 Nov 2008 13:40:46 110 A.... "C:\Windows\ERDNT\CFrecovery.bat"
5 Oct 2008 20:46:18 86 016 A.... "C:\Windows\inf\infpub.dat"
5 Oct 2008 20:46:18 143 360 A.... "C:\Windows\inf\infstor.dat"
5 Oct 2008 20:46:18 143 360 A.... "C:\Windows\inf\infstrng.dat"
18 Sep 2008 5:56:04 147 456 A.... "C:\Windows\System32\Faultrep.dll"
16 Oct 2008 19:52:54 314 616 A.... "C:\Windows\System32\FNTCACHE.DAT"
2 Oct 2008 4:49:16 6 068 736 A.... "C:\Windows\System32\ieframe.dll"
2 Oct 2008 4:49:16 270 336 A.... "C:\Windows\System32\iertutil.dll"
2 Oct 2008 4:49:16 28 160 A.... "C:\Windows\System32\jsproxy.dll"
7 Oct 2008 20:19:40 16 721 856 A.... "C:\Windows\System32\mrt.exe"
2 Oct 2008 4:49:16 3 578 880 A.... "C:\Windows\System32\mshtml.dll"
2 Oct 2008 4:49:18 671 232 A.... "C:\Windows\System32\mstime.dll"
16 Oct 2008 5:47:34 466 944 A.... "C:\Windows\System32\netapi32.dll"
18 Sep 2008 6:09:12 3 601 464 A.... "C:\Windows\System32\ntkrnlpa.exe"
18 Sep 2008 6:09:10 3 549 240 A.... "C:\Windows\System32\ntoskrnl.exe"
9 Nov 2008 13:15:04 105 276 A.... "C:\Windows\System32\perfc009.dat"
9 Nov 2008 13:15:04 128 418 A.... "C:\Windows\System32\perfc00C.dat"
9 Nov 2008 13:15:04 595 946 A.... "C:\Windows\System32\perfh009.dat"
9 Nov 2008 13:15:04 679 418 A.... "C:\Windows\System32\perfh00C.dat"
12 Sep 2008 16:06:44 103 736 A.... "C:\Windows\System32\PnkBstrB.exe"
2 Oct 2008 4:49:20 1 166 336 A.... "C:\Windows\System32\urlmon.dll"
18 Sep 2008 5:56:08 125 952 A.... "C:\Windows\System32\wersvc.dll"
18 Sep 2008 3:16:30 2 032 640 A.... "C:\Windows\System32\win32k.sys"
2 Oct 2008 4:49:20 827 392 A.... "C:\Windows\System32\wininet.dll"
9 Nov 2008 14:37:32 6 A..H. "C:\Windows\Tasks\SA.DAT"
12 Sep 2008 16:06:50 22 328 A.... "C:\Windows\System32\drivers\PnkBstrK.sys"
16 Oct 2008 11:13:26 827 392 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989_wininet.dll_790e2e3a"
11 Sep 2008 9:51:02 36 864 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-lddmcore_31bf3856ad364e35_6.0.6001.18114_none_abc1cbc0e39143f0_cdd.dll_01f58cd5"
11 Sep 2008 9:51:08 1 823 232 A.... "C:\Windows\winsxs\Backup\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.6001.18065_none_8dcc2d1362c70bc9_gdiplus.dll_423f7010"
16 Oct 2008 11:14:10 3 549 240 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06_ntoskrnl.exe_0fb0ab79"
11 Sep 2008 9:51:08 1 748 992 A.... "C:\Windows\winsxs\Backup\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222_gdiplus.dll_423f7010"
16 Oct 2008 11:14:10 3 601 464 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06_ntkrnlpa.exe_165c312a"
11 Sep 2008 9:51:02 625 152 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-lddmcore_31bf3856ad364e35_6.0.6001.18114_none_abc1cbc0e39143f0_dxgkrnl.sys_8aad3dfb"
25 Oct 2008 11:11:32 466 944 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-netapi32_31bf3856ad364e35_6.0.6001.18157_none_8d050f6301b2186f_netapi32.dll_8b1e859a"
16 Oct 2008 11:18:44 2 032 640 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18145_none_b8cd3d629aa2b55e_win32k.sys_0d7a6fb3"
16 Oct 2008 11:13:26 3 578 880 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18148_none_131fd7222242b2bf_mshtml.dll_fab8f891"
16 Oct 2008 11:13:26 180 736 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18148_none_647f3125ae3840ec_ieui.dll_f0fcf806"
16 Oct 2008 11:13:26 6 068 736 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18148_none_647f3125ae3840ec_ieframe.dll_c6cbe33f"
16 Oct 2008 11:13:28 1 166 336 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.18148_none_b4bfdc61d6e322f6_urlmon.dll_95c89473"
16 Oct 2008 11:13:26 28 160 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989_jsproxy.dll_3cc8d651"
16 Oct 2008 11:13:26 64 512 A.... "C:\Windows\winsxs\Backup\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989_wininetplugin.dll_f2ff35f9"
2 Oct 2008 4:27:56 477 696 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.20927_none_46bdad865f65b75e\mshtmled.dll"
18 Sep 2008 5:54:46 3 601 976 A.... "C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntkrnlpa.exe"
18 Sep 2008 5:54:50 3 549 752 A.... "C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntoskrnl.exe"
16 Oct 2008 5:38:28 466 944 A.... "C:\Windows\winsxs\x86_microsoft-windows-netapi32_31bf3856ad364e35_6.0.6001.22288_none_8d6f3cb41ae72563\netapi32.dll"
15 Sep 2008 23:28:36 2 413 072 A.... "C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.20919_none_f129aec387715c4e\OESpamFilter.dat"
20 Sep 2008 2:13:22 2 029 568 A.... "C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.20922_none_b7833c67b68c3d77\win32k.sys"
2 Oct 2008 4:34:50 1 166 848 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.22278_none_b5290968f0191693\urlmon.dll"
20 Sep 2008 5:00:24 147 456 A.... "C:\Windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.22271_none_70460c29561ecb18\Faultrep.dll"
20 Sep 2008 5:00:18 217 088 A.... "C:\Windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.22271_none_70460c29561ecb18\WerFault.exe"
20 Sep 2008 5:00:18 860 160 A.... "C:\Windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.22271_none_70460c29561ecb18\WerFaultSecure.exe"
2 Oct 2008 4:25:50 124 928 A.... "C:\Windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20927_none_aa6029990ed1805a\advpack.dll"
2 Oct 2008 4:49:04 52 736 A.... "C:\Windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16757_none_29e0813e6824c817\iebrshim.dll"
2 Oct 2008 2:18:56 263 168 A.... "C:\Windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.20927_none_e7309d3dada34feb\ieinstal.exe"
2 Oct 2008 4:49:04 383 488 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16757_none_f97ccc016eba3585\ieapfltr.dll"
2 Oct 2008 4:28:22 671 232 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.20927_none_df5a6ac398739d2c\mstime.dll"
2 Oct 2008 4:48:34 301 568 A.... "C:\Windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16757_none_0b2ec3e4d718c67f\ieuser.exe"
2 Oct 2008 4:34:48 671 232 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.22278_none_e10b983195c1d602\mstime.dll"
2 Oct 2008 4:30:08 44 544 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.20927_none_ec5b33482f6a6659\pngfilt.dll"
2 Oct 2008 4:27:56 3 594 752 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20927_none_11d7d6bb3e2a6d86\mshtml.dll"
15 Sep 2008 23:29:56 2 413 072 A.... "C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18143_none_f25fdd386b980c17\OESpamFilter.dat"
2 Oct 2008 4:49:04 3 593 216 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16757_none_112dc84625252468\mshtml.dll"
2 Oct 2008 4:49:02 124 928 A.... "C:\Windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16757_none_a9b61b23f5cc373c\advpack.dll"
2 Oct 2008 4:34:48 28 160 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\jsproxy.dll"
2 Oct 2008 4:34:50 827 904 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\wininet.dll"
2 Oct 2008 4:34:50 64 512 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\WininetPlugin.dll"
20 Sep 2008 5:00:28 125 952 A.... "C:\Windows\winsxs\x86_microsoft-windows-feedback-service_31bf3856ad364e35_6.0.6001.22271_none_7a0ae2e8aa3b1988\wersvc.dll"
16 Oct 2008 5:47:34 466 944 A.... "C:\Windows\winsxs\x86_microsoft-windows-netapi32_31bf3856ad364e35_6.0.6001.18157_none_8d050f6301b2186f\netapi32.dll"
16 Oct 2008 5:22:28 425 984 A.... "C:\Windows\winsxs\x86_microsoft-windows-netapi32_31bf3856ad364e35_6.0.6000.20937_none_8bbe0f461d98ec8d\netapi32.dll"
18 Sep 2008 5:35:06 3 505 208 A.... "C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntkrnlpa.exe"
18 Sep 2008 5:35:08 3 470 904 A.... "C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntoskrnl.exe"
2 Oct 2008 4:48:34 263 168 A.... "C:\Windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16757_none_e6868ec8949e06cd\ieinstal.exe"
2 Oct 2008 4:49:06 44 544 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16757_none_ebb124d316651d3b\pngfilt.dll"
2 Oct 2008 4:49:16 6 068 736 A.... "C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18148_none_647f3125ae3840ec\ieframe.dll"
18 Sep 2008 3:03:08 2 027 520 A.... "C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16754_none_b6db2e869d852707\win32k.sys"
2 Oct 2008 4:49:04 6 066 176 A.... "C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16757_none_628d2249b11ab295\ieframe.dll"
2 Oct 2008 4:49:04 180 736 A.... "C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16757_none_628d2249b11ab295\ieui.dll"
2 Oct 2008 4:49:06 671 232 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.16757_none_deb05c4e7f6e540e\mstime.dll"
2 Oct 2008 4:49:04 267 776 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16757_none_458e60038f7fd98f\iertutil.dll"
2 Oct 2008 4:49:08 134 144 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16757_none_458e60038f7fd98f\sqmapi.dll"
2 Oct 2008 4:49:16 270 336 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18148_none_47806edf8c9d67e6\iertutil.dll"
2 Oct 2008 2:18:34 70 656 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20927_none_c46579437a7a3bd8\ie4uinit.exe"
2 Oct 2008 4:26:50 44 544 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20927_none_c46579437a7a3bd8\iernonce.dll"
2 Oct 2008 4:26:50 56 320 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20927_none_c46579437a7a3bd8\iesetup.dll"
2 Oct 2008 2:18:44 26 624 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20927_none_2df6c42835ff7333\ieUnatt.exe"
2 Oct 2008 4:32:02 633 632 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20927_none_2df6c42835ff7333\iexplore.exe"
2 Oct 2008 4:26:48 380 928 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20927_none_fa26da7687bf7ea3\ieapfltr.dll"
2 Oct 2008 2:18:58 301 568 A.... "C:\Windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.20927_none_0bd8d259f01e0f9d\ieuser.exe"
2 Oct 2008 4:34:46 6 069 760 A.... "C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22278_none_64e85e2cc76e3489\ieframe.dll"
2 Oct 2008 4:34:46 180 736 A.... "C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22278_none_64e85e2cc76e3489\ieui.dll"
2 Oct 2008 4:49:16 28 160 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\jsproxy.dll"
2 Oct 2008 4:49:20 827 392 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\wininet.dll"
2 Oct 2008 4:26:50 267 776 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.20927_none_46386e78a88522ad\iertutil.dll"
2 Oct 2008 4:30:32 134 144 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.20927_none_46386e78a88522ad\sqmapi.dll"
2 Oct 2008 4:48:34 70 656 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16757_none_c3bb6ace6174f2ba\ie4uinit.exe"
2 Oct 2008 4:49:04 44 544 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16757_none_c3bb6ace6174f2ba\iernonce.dll"
2 Oct 2008 4:49:04 56 320 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16757_none_c3bb6ace6174f2ba\iesetup.dll"
2 Oct 2008 4:34:46 270 848 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22278_none_47e99be6a5d35b83\iertutil.dll"
2 Oct 2008 4:34:50 129 536 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22278_none_47e99be6a5d35b83\sqmapi.dll"
18 Sep 2008 6:09:12 3 601 464 A.... "C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntkrnlpa.exe"
18 Sep 2008 6:09:10 3 549 240 A.... "C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntoskrnl.exe"
16 Oct 2008 5:40:38 425 472 A.... "C:\Windows\winsxs\x86_microsoft-windows-netapi32_31bf3856ad364e35_6.0.6000.16764_none_8b10fff30496576a\netapi32.dll"
18 Sep 2008 5:56:08 125 952 A.... "C:\Windows\winsxs\x86_microsoft-windows-feedback-service_31bf3856ad364e35_6.0.6001.18145_none_79a5b70991018b47\wersvc.dll"
15 Sep 2008 23:27:42 2 413 072 A.... "C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22267_none_f2d7db5384c2491f\OESpamFilter.dat"
18 Sep 2008 3:16:30 2 032 640 A.... "C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18145_none_b8cd3d629aa2b55e\win32k.sys"
2 Oct 2008 4:34:48 3 579 392 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22278_none_138904293b78a65c\mshtml.dll"
15 Sep 2008 23:29:32 2 413 072 A.... "C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16752_none_f06dce5c6e7a7dc0\OESpamFilter.dat"
2 Oct 2008 4:49:04 27 648 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\jsproxy.dll"
2 Oct 2008 4:49:08 826 368 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll"
2 Oct 2008 4:49:08 64 512 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\WininetPlugin.dll"
2 Oct 2008 4:26:48 52 736 A.... "C:\Windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20927_none_2a8a8fb3812a1135\iebrshim.dll"
2 Oct 2008 4:49:20 1 166 336 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.18148_none_b4bfdc61d6e322f6\urlmon.dll"
2 Oct 2008 4:26:20 347 136 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.20927_none_965b132e9da504d1\dxtmsft.dll"
2 Oct 2008 4:26:22 214 528 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.20927_none_965b132e9da504d1\dxtrans.dll"
2 Oct 2008 4:49:04 347 136 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16757_none_95b104b9849fbbb3\dxtmsft.dll"
2 Oct 2008 4:49:04 214 528 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16757_none_95b104b9849fbbb3\dxtrans.dll"
2 Oct 2008 4:26:48 63 488 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.20927_none_59304385803ef98f\icardie.dll"
2 Oct 2008 4:26:50 6 068 224 A.... "C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20927_none_633730beca1ffbb3\ieframe.dll"
2 Oct 2008 4:26:50 180 736 A.... "C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20927_none_633730beca1ffbb3\ieui.dll"
2 Oct 2008 4:49:08 1 159 680 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16757_none_b2cdcd85d9c5949f\urlmon.dll"
2 Oct 2008 4:48:34 26 624 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16757_none_2d4cb5b31cfa2a15\ieUnatt.exe"
2 Oct 2008 4:50:02 633 632 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16757_none_2d4cb5b31cfa2a15\iexplore.exe"
2 Oct 2008 4:49:18 671 232 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.18148_none_e0a26b2a7c8be265\mstime.dll"
20 Sep 2008 2:21:52 2 033 152 A.... "C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22271_none_b9326941b3dc439f\win32k.sys"
2 Oct 2008 4:30:38 1 162 752 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.20927_none_b377dbfaf2caddbd\urlmon.dll"
2 Oct 2008 4:27:02 27 648 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\jsproxy.dll"
2 Oct 2008 4:30:46 827 904 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll"
2 Oct 2008 4:30:46 64 512 A.... "C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\WininetPlugin.dll"
18 Sep 2008 5:27:46 3 506 744 A.... "C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntkrnlpa.exe"
18 Sep 2008 5:27:46 3 472 952 A.... "C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntoskrnl.exe"
18 Sep 2008 5:56:04 147 456 A.... "C:\Windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.18145_none_6fe0e04a3ce53cd7\Faultrep.dll"
2 Oct 2008 4:49:16 3 578 880 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18148_none_131fd7222242b2bf\mshtml.dll"
2 Oct 2008 4:49:04 477 696 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16757_none_46139f1146606e40\mshtmled.dll"
2 Oct 2008 4:49:04 63 488 A.... "C:\Windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.16757_none_588635106739b071\icardie.dll"
5 Oct 2008 4:16:26 235 936 A...R "C:\Windows\System32\Macromed\Flash\FlashUtil10a.exe"
5 Nov 2008 12:26:06 88 590 A.... "C:\Windows\System32\Macromed\Flash\uninstall_activeX.exe"
5 Oct 2008 4:16:26 235 936 A...R "C:\Windows\System32\Macromed\Flash\FlashUtil10a.exe"
5 Nov 2008 12:26:06 88 590 A.... "C:\Windows\System32\Macromed\Flash\uninstall_activeX.exe"
8 Nov 2008 14:35:18 212 992 A.... "C:\Windows\ERDNT\Hiv-backup\Users\00000001\ntuser.dat"
8 Nov 2008 14:35:18 212 992 A.... "C:\Windows\ERDNT\Hiv-backup\Users\00000002\ntuser.dat"
8 Nov 2008 14:35:18 3 416 064 A.... "C:\Windows\ERDNT\Hiv-backup\Users\00000003\ntuser.dat"
8 Nov 2008 14:35:18 4 599 808 A.... "C:\Windows\ERDNT\Hiv-backup\Users\00000004\UsrClass.dat"
1 Oct 2008 12:01:28 32 000 A.... "C:\Windows\System32\DriverStore\FileRepository\usbaapl.inf_3c16a04b\usbaapl.sys"
3 Nov 2008 2:09:42 6 553 600 A.... "C:\Windows\System32\SMI\Store\Machine\schema.dat"
12 Sep 2008 2:57:34 6 291 456 A.... "C:\Windows\System32\SMI\Store\Machine\schema.dat_previous"
3 Nov 2008 2:09:42 524 288 A.SH. "C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT{3a53986d-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms"


C:\Program Files\

17 Oct 2008 18:44:22 53 618 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\aebb.dll"
8 Nov 2008 0:30:36 172 405 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll"
17 Oct 2008 18:44:28 393 588 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeemu.dll"
8 Nov 2008 0:30:38 319 859 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll"
8 Nov 2008 0:30:40 119 157 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\aehelp.dll"
8 Nov 2008 0:30:50 1 487 222 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll"
8 Nov 2008 0:30:54 196 986 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll"
5 Nov 2008 17:54:46 393 591 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\aepack.dll"
5 Nov 2008 17:54:48 438 645 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll"
8 Nov 2008 0:30:56 123 251 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescn.dll"
5 Nov 2008 17:54:50 332 156 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll"
8 Nov 2008 0:30:56 2 155 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeset.dat"
17 Oct 2008 18:44:44 102 772 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\aevdf.dll"
23 Oct 2008 19:08:18 151 297 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe"
23 Oct 2008 19:08:20 16 933 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\build.dat"
23 Oct 2008 19:08:18 229 633 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\fact.exe"
23 Oct 2008 19:08:20 23 297 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\factrc.dll"
23 Oct 2008 19:08:20 68 865 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe"
10 Oct 2008 18:14:32 87 288 A.... "C:\Program Files\Common Files\Steam\SteamService.exe"
29 Oct 2008 16:22:56 1 991 424 A.... "C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\ISSetup.dll"
29 Oct 2008 16:20:56 294 912 A.... "C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe"
30 Sep 2008 10:27:16 611 664 A.... "C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe"
30 Sep 2008 10:27:20 804 200 A.... "C:\Program Files\Lavasoft\Ad-Aware\CEAPI.dll"
4 Oct 2008 21:48:24 3 085 632 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\agcore.dll"
4 Oct 2008 21:48:24 3 076 424 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\coreclr.dll"
4 Oct 2008 21:48:24 236 384 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\Microsoft.VisualBasic.dll"
4 Oct 2008 21:48:24 1 461 064 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\mscorlib.dll"
4 Oct 2008 21:48:24 11 080 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\mscorrc.dll"
4 Oct 2008 21:48:24 783 168 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll"
4 Oct 2008 21:48:24 132 936 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrlui.dll"
4 Oct 2008 21:48:24 783 168 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.20813.0.dll"
4 Oct 2008 21:48:24 148 336 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\Silverlight.ConfigurationUI.dll"
4 Oct 2008 21:48:24 268 136 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\Silverlight.Configuration.exe"
4 Oct 2008 21:48:24 76 648 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\System.ServiceModel.Web.dll"
4 Oct 2008 21:48:24 162 632 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\System.Net.dll"
4 Oct 2008 21:48:24 342 880 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\System.ServiceModel.dll"
4 Oct 2008 21:48:24 289 648 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\System.Runtime.Serialization.dll"
4 Oct 2008 21:48:24 236 352 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\system.dll"
4 Oct 2008 21:48:24 138 080 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\System.Windows.Browser.dll"
4 Oct 2008 21:48:24 789 328 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\System.Windows.dll"
4 Oct 2008 21:48:24 326 472 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\System.Xml.dll"
4 Oct 2008 21:48:24 289 616 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\System.Core.dll"
26 Sep 2008 19:02:50 234 576 A.... "C:\Program Files\Veoh Networks\Veoh\BsSndRpt.exe"
26 Sep 2008 19:02:50 227 408 A.... "C:\Program Files\Veoh Networks\Veoh\BugSplat.dll"
26 Sep 2008 19:02:50 41 040 A.... "C:\Program Files\Veoh Networks\Veoh\BugSplatRc.dll"
26 Sep 2008 19:02:50 234 576 A.... "C:\Program Files\Veoh Networks\Veoh\BsSndRpt.exe"
26 Sep 2008 19:02:50 227 408 A.... "C:\Program Files\Veoh Networks\Veoh\BugSplat.dll"
26 Sep 2008 19:02:50 41 040 A.... "C:\Program Files\Veoh Networks\Veoh\BugSplatRc.dll"
26 Sep 2008 19:02:50 986 112 A.... "C:\Program Files\Veoh Networks\Veoh\dbghelp.dll"
26 Sep 2008 19:14:06 3 660 848 A.... "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"
17 Oct 2008 18:44:22 53 618 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aebb.dll"
8 Nov 2008 0:30:36 172 405 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aecore.dll"
17 Oct 2008 18:44:28 393 588 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aeemu.dll"
8 Nov 2008 0:30:38 319 859 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aegen.dll"
8 Nov 2008 0:30:40 119 157 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aehelp.dll"
8 Nov 2008 0:30:50 1 487 222 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aeheur.dll"
8 Nov 2008 0:30:54 196 986 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aeoffice.dll"
5 Nov 2008 17:54:46 393 591 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aepack.dll"
5 Nov 2008 17:54:48 438 645 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aerdl.dll"
8 Nov 2008 0:30:56 123 251 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aescn.dll"
5 Nov 2008 17:54:50 332 156 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aescript.dll"
8 Nov 2008 0:30:56 2 155 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aeset.dat"
17 Oct 2008 18:44:44 102 772 A.... "C:\Program Files\Avira\AntiVir PersonalEdition Classic\FAILSAFE\aevdf.dll"
4 Oct 2008 21:48:24 11 128 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\de\Microsoft.VisualBasic.resources.dll"
4 Oct 2008 21:48:24 11 608 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\de\mscorlib.resources.dll"
4 Oct 2008 21:48:24 11 592 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\de\mscorrc.dll"
4 Oct 2008 21:48:24 11 096 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\de\system.resources.dll"
4 Oct 2008 21:48:24 11 128 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\es\Microsoft.VisualBasic.resources.dll"
4 Oct 2008 21:48:24 11 608 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\es\mscorlib.resources.dll"
4 Oct 2008 21:48:24 11 080 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\es\mscorrc.dll"
4 Oct 2008 21:48:24 11 608 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\es\system.resources.dll"
4 Oct 2008 21:48:24 11 128 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\fr\Microsoft.VisualBasic.resources.dll"
4 Oct 2008 21:48:24 11 608 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\fr\mscorlib.resources.dll"
4 Oct 2008 21:48:24 11 080 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\fr\mscorrc.dll"
4 Oct 2008 21:48:24 11 608 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\fr\system.resources.dll"
4 Oct 2008 21:48:24 11 128 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\it\Microsoft.VisualBasic.resources.dll"
4 Oct 2008 21:48:24 11 608 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\it\mscorlib.resources.dll"
4 Oct 2008 21:48:24 11 080 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\it\mscorrc.dll"
4 Oct 2008 21:48:24 11 608 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\it\system.resources.dll"
4 Oct 2008 21:48:24 11 128 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\ja\Microsoft.VisualBasic.resources.dll"
4 Oct 2008 21:48:24 11 608 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\ja\mscorlib.resources.dll"
4 Oct 2008 21:48:24 11 080 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\ja\mscorrc.dll"
4 Oct 2008 21:48:24 11 608 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\ja\system.resources.dll"
4 Oct 2008 21:48:24 11 128 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\ko\Microsoft.VisualBasic.resources.dll"
4 Oct 2008 21:48:24 11 608 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\ko\mscorlib.resources.dll"
4 Oct 2008 21:48:24 11 080 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\ko\mscorrc.dll"
4 Oct 2008 21:48:24 11 096 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\ko\system.resources.dll"
4 Oct 2008 21:48:24 11 128 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\zh-Hans\Microsoft.VisualBasic.resources.dll"
4 Oct 2008 21:48:24 11 608 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\zh-Hans\mscorlib.resources.dll"
4 Oct 2008 21:48:24 10 568 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\zh-Hans\mscorrc.dll"
4 Oct 2008 21:48:24 10 584 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\zh-Hans\system.resources.dll"
4 Oct 2008 21:48:24 11 128 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\zh-Hant\Microsoft.VisualBasic.resources.dll"
4 Oct 2008 21:48:24 11 608 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\zh-Hant\mscorlib.resources.dll"
4 Oct 2008 21:48:24 10 568 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\zh-Hant\mscorrc.dll"
4 Oct 2008 21:48:24 11 608 A.... "C:\Program Files\Microsoft Silverlight\2.0.31005.0\zh-Hant\system.resources.dll"
26 Sep 2008 19:02:32 587 A.... "C:\Program Files\Veoh Networks\Veoh\Html\loading.html"
26 Sep 2008 19:02:32 781 A.... "C:\Program Files\Veoh Networks\Veoh\Html\no_connection.html"
1 Oct 2008 12:06:12 275 912 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileBackup.exe"
1 Oct 2008 12:06:16 153 984 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe"
1 Oct 2008 12:06:20 267 400 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileSync.exe"
1 Oct 2008 12:06:14 116 040 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
1 Oct 2008 12:06:22 65 480 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncUIHandler.exe"
1 Oct 2008 12:01:34 1 194 248 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\CoreFoundation.dll"
10 Sep 2008 15:50:40 46 056 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\defaults.exe"
10 Sep 2008 15:45:26 135 544 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\DeviceLink.dll"
1 Oct 2008 12:06:26 15 376 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe"
1 Oct 2008 12:06:28 19 064 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\EventFixer.exe"
10 Sep 2008 15:45:28 2 800 850 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\Foundation.dll"
1 Oct 2008 12:06:30 51 216 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\gconsync.exe"
1 Oct 2008 12:01:40 656 801 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\GoogleContactSync.dll"
1 Oct 2008 12:05:08 7 348 094 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\icudt36.dll"
1 Oct 2008 12:05:08 863 707 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\icuin36.dll"
1 Oct 2008 12:05:08 985 379 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\icuuc36.dll"
10 Sep 2008 15:50:52 133 480 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\IESyncClient.exe"
1 Oct 2008 12:02:06 1 011 634 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\ISSupport.dll"
1 Oct 2008 12:02:14 1 191 936 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll"
1 Oct 2008 12:05:26 645 738 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\libobjc.i386.A.dll"
10 Sep 2008 15:49:08 1 029 774 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\libxml2.dll"
1 Oct 2008 12:05:24 151 040 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\libxslt.dll"
1 Oct 2008 12:06:38 236 920 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\MDCrashReportTool.exe"
1 Oct 2008 12:02:12 302 612 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\MobileDevice.dll"
10 Sep 2008 15:46:06 110 592 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\OutlookChangeNotifierAddIn.dll"
10 Sep 2008 15:51:00 95 560 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\OutlookSyncClient.exe"
1 Oct 2008 12:02:18 742 343 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\OutlookSyncClientHelper.dll"
10 Sep 2008 15:51:02 109 496 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SafariSyncClient.exe"
10 Sep 2008 15:49:16 400 896 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\sqlite3.dll"
1 Oct 2008 12:06:54 28 472 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncDiagnostics.exe"
1 Oct 2008 12:07:00 24 488 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\syncli.exe"
1 Oct 2008 12:06:56 26 104 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncPlanObserver.exe"
1 Oct 2008 12:04:30 1 441 693 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncServices.dll"
1 Oct 2008 12:06:58 518 120 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncServer.exe"
1 Oct 2008 12:04:30 187 187 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncServicesUI.dll"
1 Oct 2008 12:05:12 233 472 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.dll"
1 Oct 2008 12:05:14 34 141 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUIHandler.dll"
1 Oct 2008 12:07:04 1 097 528 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\upgradedb.exe"
10 Sep 2008 15:51:24 150 864 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\WindowsContactsSync.exe"
10 Sep 2008 15:51:28 100 800 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\WindowsMailSync.exe"
10 Sep 2008 15:51:32 1 866 752 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\YahooSync.exe"
10 Sep 2008 15:48:52 18 267 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\YSFileShim.dll"
1 Oct 2008 12:01:28 32 000 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\Drivers\usbaapl.sys"
1 Oct 2008 12:06:12 275 912 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileBackup.exe"
1 Oct 2008 12:06:16 153 984 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe"
1 Oct 2008 12:06:20 267 400 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileSync.exe"
1 Oct 2008 12:06:14 116 040 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
1 Oct 2008 12:06:22 65 480 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncUIHandler.exe"
1 Oct 2008 12:01:34 1 194 248 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\CoreFoundation.dll"
10 Sep 2008 15:50:40 46 056 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\defaults.exe"
10 Sep 2008 15:45:26 135 544 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\DeviceLink.dll"
1 Oct 2008 12:06:26 15 376 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe"
1 Oct 2008 12:06:28 19 064 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\EventFixer.exe"
10 Sep 2008 15:45:28 2 800 850 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\Foundation.dll"
1 Oct 2008 12:06:30 51 216 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\gconsync.exe"
1 Oct 2008 12:01:40 656 801 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\GoogleContactSync.dll"
1 Oct 2008 12:05:08 7 348 094 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\icudt36.dll"
1 Oct 2008 12:05:08 863 707 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\icuin36.dll"
1 Oct 2008 12:05:08 985 379 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\icuuc36.dll"
10 Sep 2008 15:50:52 133 480 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\IESyncClient.exe"
1 Oct 2008 12:02:06 1 011 634 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\ISSupport.dll"
1 Oct 2008 12:02:14 1 191 936 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll"
1 Oct 2008 12:05:26 645 738 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\libobjc.i386.A.dll"
10 Sep 2008 15:49:08 1 029 774 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\libxml2.dll"
1 Oct 2008 12:05:24 151 040 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\libxslt.dll"
1 Oct 2008 12:06:38 236 920 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\MDCrashReportTool.exe"
1 Oct 2008 12:02:12 302 612 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\MobileDevice.dll"
10 Sep 2008 15:46:06 110 592 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\OutlookChangeNotifierAddIn.dll"
10 Sep 2008 15:51:00 95 560 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\OutlookSyncClient.exe"
1 Oct 2008 12:02:18 742 343 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\OutlookSyncClientHelper.dll"
10 Sep 2008 15:51:02 109 496 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SafariSyncClient.exe"
10 Sep 2008 15:49:16 400 896 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\sqlite3.dll"
1 Oct 2008 12:06:54 28 472 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncDiagnostics.exe"
1 Oct 2008 12:07:00 24 488 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\syncli.exe"
1 Oct 2008 12:06:56 26 104 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncPlanObserver.exe"
1 Oct 2008 12:04:30 1 441 693 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncServices.dll"
1 Oct 2008 12:06:58 518 120 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncServer.exe"
1 Oct 2008 12:04:30 187 187 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncServicesUI.dll"
1 Oct 2008 12:05:12 233 472 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.dll"
1 Oct 2008 12:05:14 34 141 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUIHandler.dll"
1 Oct 2008 12:07:04 1 097 528 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\upgradedb.exe"
10 Sep 2008 15:51:24 150 864 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\WindowsContactsSync.exe"
10 Sep 2008 15:51:28 100 800 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\WindowsMailSync.exe"
10 Sep 2008 15:51:32 1 866 752 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\YahooSync.exe"
10 Sep 2008 15:48:52 18 267 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\YSFileShim.dll"
1 Oct 2008 12:01:28 32 000 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\Drivers\usbaapl.sys"
26 Sep 2008 19:02:32 237 568 A.... "C:\Program Files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll"
26 Sep 2008 19:02:32 352 256 A.... "C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll"
26 Sep 2008 19:02:32 128 872 A.... "C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohVersion4.dll"
1 Oct 2008 12:05:16 61 440 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\da.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\de.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:12 60 928 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\en.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\es.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 440 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\fi.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\fr.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\it.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 60 928 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\ja.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 59 392 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\ko.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 440 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\nb.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\nl.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 440 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\pl.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\pt.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\pt_PT.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\ru.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 440 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\sv.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 60 928 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\zh_CN.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 60 928 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\zh_TW.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 440 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\da.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\de.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:12 60 928 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\en.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\es.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 440 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\fi.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\fr.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\it.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 60 928 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\ja.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 59 392 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\ko.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 440 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\nb.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\nl.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 440 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\pl.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\pt.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\pt_PT.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 952 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\ru.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 61 440 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\sv.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 60 928 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\zh_CN.lproj\SyncUICoreLocalized.dll"
1 Oct 2008 12:05:16 60 928 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncUICore.resources\zh_TW.lproj\SyncUICoreLocalized.dll"
10 Sep 2008 15:51:38 60 688 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Bookmarks.syncschema\Contents\Windows\Bookmarks.exe"
10 Sep 2008 15:51:40 184 528 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Calendars.syncschema\Contents\Windows\Calendars.exe"
10 Sep 2008 15:51:44 134 168 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Contacts.syncschema\Contents\Windows\Contacts.exe"
10 Sep 2008 15:51:38 60 688 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Bookmarks.syncschema\Contents\Windows\Bookmarks.exe"
10 Sep 2008 15:51:40 184 528 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Calendars.syncschema\Contents\Windows\Calendars.exe"
10 Sep 2008 15:51:44 134 168 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServices\Schemas\Contacts.syncschema\Contents\Windows\Contacts.exe"
10 Sep 2008 15:51:34 719 232 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\YahooSync.app\Contents\Resources\Formatter.bundle\Contents\Windows\Formatter.exe"
10 Sep 2008 15:51:34 719 232 A.... "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\YahooSync.app\Contents\Resources\Formatter.bundle\Contents\Windows\Formatter.exe"


Files with hidden attributes:

Sat 8 Nov 2008 524,288 A.SH. --- "C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms"
Thu 2 Nov 2006 524,288 A.SH. --- "C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms"
Thu 9 Oct 2008 524,288 A.SH. --- "C:\Users\Flo\ntuser.dat{0a26839e-9513-11dd-b33d-93bc71edf493}.TMContainer00000000000000000002.regtrans-ms"
Sun 9 Nov 2008 524,288 A.SH. --- "C:\Users\Flo\ntuser.dat{0a26839e-9513-11dd-b33d-93bc71edf493}.TMContainer00000000000000000001.regtrans-ms"
Fri 13 Jun 2008 524,288 A.SH. --- "C:\Users\Flo\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms"
Sun 19 Aug 2007 524,288 A.SH. --- "C:\Users\Flo\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms"
Tue 15 Jul 2008 524,288 A.SH. --- "C:\Users\Flo\ntuser.dat{d52db398-4ec0-11dd-b479-0019d2c4c165}.TMContainer00000000000000000001.regtrans-ms"
Thu 10 Jul 2008 524,288 A.SH. --- "C:\Users\Flo\ntuser.dat{d52db398-4ec0-11dd-b479-0019d2c4c165}.TMContainer00000000000000000002.regtrans-ms"
Wed 10 Jan 2001 1,024 A..HR --- "C:\Windows\System32\NTIBUN4.dll"
Wed 10 Jan 2001 1,024 ...HR --- "C:\Users\Public\Documents\NTICDMK7.dll"
Wed 10 Jan 2001 1,024 A..HR --- "C:\Users\Public\Documents\NTIMP3.dll"
Wed 10 Jan 2001 1,024 A..HR --- "C:\Users\Public\Documents\NTIMPEG2.dll"
Sat 17 Nov 2007 4,348 A.SH. --- "C:\ProgramData\Microsoft\Windows\DRM\DRMv1.bak"
Sat 11 Oct 2008 0 A.SH. --- "C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv01.tmp"
Sat 17 Nov 2007 4,348 A.SH. --- "C:\Users\All Users\Microsoft\Windows\DRM\DRMv1.bak"
Mon 3 Nov 2008 524,288 A.SH. --- "C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT{3a53986d-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms"
Thu 2 Nov 2006 524,288 A.SH. --- "C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT{3a53986d-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms"
Sat 11 Oct 2008 0 A.SH. --- "C:\Users\All Users\Microsoft\Windows\DRM\Cache\Indiv01.tmp"
Sun 9 Nov 2008 524,288 A.SH. --- "C:\Users\Flo\AppData\Local\Microsoft\Windows\UsrClass.dat{ca5a5079-4de2-11dc-8de3-0019d2c4c165}.TMContainer00000000000000000001.regtrans-ms"
Sun 19 Aug 2007 524,288 A.SH. --- "C:\Users\Flo\AppData\Local\Microsoft\Windows\UsrClass.dat{ca5a5079-4de2-11dc-8de3-0019d2c4c165}.TMContainer00000000000000000002.regtrans-ms"
Sun 11 May 2008 2,834 ...HR --- "C:\Users\Flo\AppData\Roaming\SecuROM\UserData\securom_v7_01.bak"
Mon 12 Feb 2007 3,096,576 A..H. --- "C:\Users\Flo\AppData\Roaming\U3\temp\Launchpad Removal.exe"
Wed 2 Nov 2005 15,043 A..H. --- "C:\Users\Flo\AppData\Local\Microsoft\Windows\GameExplorer\GamesBoxArt\BITBBE3.tmp"


Program Folders:

C:\Program Files\

Acer Arcade Deluxe
Advanced Encryption Plug-in Pro for Explorer
Apoint2K
Ares
ATI Technologies
Avira
Bonjour
Common Files
Creative
CyberLink
Fichiers communs
InstallShield Installation Information
Intel
Internet Explorer
Java
K-Lite Codec Pack
Launch Manager
Lavasoft
Microsoft IntelliPoint
Microsoft Silverlight
Movie Maker
MSN Messenger
Reference Assemblies
Veoh Networks
Windows Calendar
Windows Collaboration
Windows Defender
Windows Journal
Windows Mail
Windows Media Player
Windows NT
Windows Photo Gallery
Windows Sidebar
WinRAR

C:\Program Files\Common Files\

Adobe
Apple
Blizzard Entertainment
Creative
DESIGNER
InstallShield
Java
LightScribe
microsoft shared
muvee Technologies
NewTech Infosystems
Oberon Media
PX Storage Engine
Real
Sandlot Shared
Services
Simple Star Shared
snp2uvc
SpeechEngines
Steam
SWF Studio
Symantec Shared
System
Wise Installation Wizard
xing shared


Add/Remove Programs:

Adobe Acrobat 4.0
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Shockwave Player 11
Adware Spyware Scanner Deleter version 0.2
Advanced Encryption Plug-in Pro for Windows Explorer
Age of Mythology
AGEIA PhysX v2.4.4
Avira AntiVir Personal - Free Antivirus
Ares 2.0.9
Audacity 1.2.6
Gestionnaire de disques amovible Creative
EAX Unified
Electronic Arts Game Updater
eMule
foobar2000 v0.9.5.6
Favorit
VeohTV BETA
Far Cry
Security Update for CAPICOM (KB931906)
K-Lite Codec Pack 3.4.5 Full
Microsoft .NET Framework 1.1 Hotfix (KB929729)
Mafia Game
Microsoft .NET Framework 1.1
Module linguistique Microsoft .NET Framework 3.5 SP1- fra
Microsoft .NET Framework 3.5 SP1
PunkBuster Services
RealPlayer
S.T.A.L.K.E.R. - Shadow of Chernobyl
SAMSUNG CDMA Modem Driver Set
SAMSUNG Mobile USB Modem Software
SAMSUNG Mobile USB Modem 1.0 Software
Creative System Information
VideoLAN VLC media player 0.8.6c
Archiveur WinRAR
ZENcast Organizer
MSXML4 Parser
VeohTV BETA
Steam
Medal of Honor débarquement allié
Security Update for CAPICOM (KB931906)
AutoUpdate
Saitek Drivers
OpenOffice.org 2.4
Google Toolbar for Internet Explorer
FEAR
Creative ZEN Vision M Series
Java(TM) 6 Update 3
Java(TM) 6 Update 4
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Microsoft .NET Framework 3.5 Language Pack SP1 - fra
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Apple Software Update
Microsoft Works
Panneau de configuration MobileMe
Microsoft Visual C++ 2005 Redistributable
DivX Codec
Microsoft Silverlight
Bonjour
DivX Player
QuickTime
Microsoft Office Excel MUI (French) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (English) 2007
Microsoft Off

Le rapport n'est pas complet.

Voici la fin désolé :


Microsoft Office Excel MUI (French) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Shared MUI (French) 2007
Microsoft Office OneNote MUI (French) 2007
Microsoft Office Home and Student 2007
GTAIII
Apple Mobile Device Support
EA.com Update
ALPS Touch Pad Driver
Adobe Reader 8.1.2 - Français
DivX Converter
DivX Web Player
Creative MediaSource 5
MSXML 4.0 SP2 (KB941833)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 3.5 SP1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Lightroom
Far Cry
iTunes Art Importer
iTunes
Ad-Aware
Samsung PC Studio 3 USB Driver Installer
Realtek High Definition Audio Driver
Windows Live Messenger
World of Warcraft Trial


Run Values:

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"RtHDVCpl"="RtHDVCpl.exe"
"eAudio"="\"C:\\Acer\\Empowering Technology\\eAudio\\eAudio.exe\""
"eDataSecurity Loader"="C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSloader.exe"
"LManager"="C:\\PROGRA~1\\LAUNCH~1\\LManager.exe"
"avgnt"="\"C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_07\\bin\\jusched.exe\""
"Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe"
"IAAnotif"="\"C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\Iaanotif.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Sidebar"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"ehTray.exe"="C:\\Windows\\ehome\\ehTray.exe"
"ares"="\"C:\\Program Files\\Ares\\Ares.exe\" -h"
"Veoh"="\"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe\" /VeohHide"


Bot Check:

SERVICE_NAME: wscsvc
DISPLAY_NAME : Centre de sécurité
START_TYPE : 2 AUTO_START

SERVICE_NAME: sharedaccess
DISPLAY_NAME : Partage de connexion Internet (ICS)
START_TYPE : 2 AUTO_START

SERVICE_NAME: wuauserv
DISPLAY_NAME : Windows Update
START_TYPE : 2 AUTO_START

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]
"EnableDCOM"="Y"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"restrictanonymous"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update]
"AUOptions"=dword:00000004

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UacDisableNotify"=dword:00000000
"InternetSettingsDisableNotify"=dword:00000000
"AutoUpdateDisableNotify"=dword:00000000
"FirewallDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"AntiSpywareOverride"=dword:00000000
"FirewallOverride"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"WaitToKillServiceTimeout"="20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"SFCDisable"=dword:00000000
"Shell"="Explorer.exe"
"Userinit"="C:\\Windows\\system32\\userinit.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shell extensions]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]
"TransportBindName"="\\Device\\"


ShellExecuteHooks:


Environment:


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\environment
ComSpec REG_EXPAND_SZ %SystemRoot%\system32\cmd.exe
OS REG_SZ Windows_NT
Path REG_EXPAND_SZ %systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem
PATHEXT REG_SZ .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
TEMP REG_EXPAND_SZ %SystemRoot%\TEMP
TMP REG_EXPAND_SZ %SystemRoot%\TEMP
USERNAME REG_SZ SYSTEM
windir REG_EXPAND_SZ %SystemRoot%
CLASSPATH REG_SZ .;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
QTJAVA REG_SZ C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

SecurityProviders:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
SecurityProviders REG_SZ credssp.dll


Authentication Packages:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0


Subsystem Startup:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"Windows"="%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16"


Midi Drivers:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midi"="wdmaud.drv"
"midi2"="wdmaud.drv"
"midi1"="wdmaud.drv"


Non-Default IFEO Debugger:


Non-Default Installed Components:


Non-Default Safeboot Minimal:


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\appinfo
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\keyiso
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\ntds
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\profsvc
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sacsvr
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\swprv
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\tabletinputservice
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\tbs
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\trustedinstaller
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\volmgr.sys
<NO NAME> REG_SZ Driver


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\volmgrx.sys
<NO NAME> REG_SZ Driver


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\windefend
<NO NAME> REG_SZ Service


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{6bdd1fc1-810f-11d0-bec7-08002be2092f}
<NO NAME> REG_SZ IEEE 1394 Bus host controllers


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{d48179be-ec20-11d1-b6b8-00c04fa372a7}
<NO NAME> REG_SZ SBP2 IEEE 1394 Devices


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
<NO NAME> REG_SZ SecurityDevices


File Associations:


[HKEY_CLASSES_ROOT\batfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\cmdfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\comfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

[HKEY_CLASSES_ROOT\htafile\shell\open\command]
@="C:\\Windows\\system32\\mshta.exe \"%1\" %*"

[HKEY_CLASSES_ROOT\http\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\" -nohome"

[HKEY_CLASSES_ROOT\htmlfile\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\" -nohome"

[HKEY_CLASSES_ROOT\regedit\shell\open\command]
@="regedit.exe %1"

[HKEY_CLASSES_ROOT\regfile\shell\open\command]
@="regedit.exe \"%1\""

[HKEY_CLASSES_ROOT\scrfile\shell\open\command]
@="\"%1\" /S"

[HKEY_CLASSES_ROOT\txtfile\shell\open\command]
@="%SystemRoot%\system32\NOTEPAD.EXE %1"


Finished!

Lance le fichier catchme.exe dans le dossier de SDFix.
Poste le rapport.

Voici le rapport catchme.exe dans Sdfix:


catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-10 12:54:59
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:70,e2,2a,20,4f,0d,28,a0,1b,da,21,69,36,5d,1d,ed,92,89,31,05,a9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:70,e2,2a,20,4f,0d,28,a0,1b,da,21,69,36,5d,1d,ed,92,89,31,05,a9,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Salut,

Effectue la manipulation ici.

Poste le rapport obtenu dans ta prochaine réponse.
Comment va le PC?

Salut
Le pc fonctionne plus rapidemment qu'avant mais il se coupe encore tout seul mais moins régulièrement me semble t-il.
Voici le nouveau rapport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:02:44, on 11/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\Flo\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Users\Flo\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (file missing)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (file missing)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll (file missing)
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (file missing)
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (file missing)
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.(...)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Service de l’iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9663 bytes

http://www.site-naheulbeuk.com/navilog.php

Fais cette manipulation jusqu'au bout.

Après cela :

>Télécharges MalwareBytes ici.
>Lance-le pour le mettre à jour.
>Redémarre en mode sans-échec (en tapotant sur F8 au lancement du PC).
>Effectue un scan Complet avec MalwareBytes et conserve le rapport.
>Redémarre en mode normal et poste le rapport dans ta prochaine réponse.

Salut!
J'ai récupéré un trojan
Voici le rapport de Malwarebytes:

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1387
Windows 6.0.6001 Service Pack 1

12/11/2008 20:42:21
mbam-log-2008-11-12 (20-42-21).txt

Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 206154
Temps écoulé: 43 minute(s), 21 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Flo\AppData\Roaming\REX Shared Library.dll (Trojan.Lop.H) -> Quarantined and deleted successfully.

Fais la manipulation ici en entier :

http://www.assistepc.com/forum/lop-s-d-nettoyer-les-infections-de-l-adware-lo(...)

Voici le rapport après manipulation:


--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5250 @ 1.50GHz )
BIOS : Default System BIOS
USER : Flo ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.18 (Activated)
C:\ (Local Disk) - NTFS - Total:69 Go (Free:14 Go)
D:\ (Local Disk) - NTFS - Total:149 Go (Free:72 Go)
E:\ (Local Disk) - NTFS - Total:69 Go (Free:51 Go)
F:\ (CD or DVD) - CDFS - Total:6 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 12/11/2008|23:51 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[21/08/2007|18:52] C:\Users\Flo\AppData\Local\Acer Arcade Deluxe
[19/08/2007|00:35] C:\Users\Flo\AppData\Local\acer eNM
[06/10/2008|12:58] C:\Users\Flo\AppData\Local\Adobe
[05/09/2008|11:47] C:\Users\Flo\AppData\Local\Apple
[14/10/2008|23:22] C:\Users\Flo\AppData\Local\Apple Computer
[19/08/2007|00:34] C:\Users\Flo\AppData\Local\Application Data
[12/11/2008|22:46] C:\Users\Flo\AppData\Local\ApplicationHistory
[11/10/2008|10:17] C:\Users\Flo\AppData\Local\Ares
[19/08/2007|00:35] C:\Users\Flo\AppData\Local\ATI
[10/10/2008|19:08] C:\Users\Flo\AppData\Local\capcom
[12/11/2008|20:03] C:\Users\Flo\AppData\Local\d3d9caps.dat
[29/10/2008|02:30] C:\Users\Flo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[05/06/2008|15:32] C:\Users\Flo\AppData\Local\eMule
[06/09/2008|15:20] C:\Users\Flo\AppData\Local\fusioncache.dat
[11/11/2008|11:51] C:\Users\Flo\AppData\Local\GameSpy
[11/11/2008|11:50] C:\Users\Flo\AppData\Local\GDIPFONTCACHEV1.DAT
[07/10/2007|01:54] C:\Users\Flo\AppData\Local\Google
[12/10/2008|20:57] C:\Users\Flo\AppData\Local\hauobc.bat
[19/08/2007|00:34] C:\Users\Flo\AppData\Local\Historique
[12/11/2008|19:21] C:\Users\Flo\AppData\Local\Microsoft
[08/06/2008|22:30] C:\Users\Flo\AppData\Local\Microsoft Games
[04/04/2008|10:31] C:\Users\Flo\AppData\Local\MigWiz
[11/09/2007|15:20] C:\Users\Flo\AppData\Local\Mozilla
[13/01/2008|12:36] C:\Users\Flo\AppData\Local\PlayMovie
[21/08/2007|18:52] C:\Users\Flo\AppData\Local\PowerCinema
[12/09/2007|21:39] C:\Users\Flo\AppData\Local\PunkBuster
[12/11/2008|23:51] C:\Users\Flo\AppData\Local\Temp
[19/08/2007|00:34] C:\Users\Flo\AppData\Local\Temporary Internet Files
[19/08/2007|23:12] C:\Users\Flo\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[12/11/2008 22:40][--ah-----] C:\Windows\tasks\SA.DAT
[12/11/2008 19:29][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[10/01/2001|20:04] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[05/10/2008|20:48] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[18/08/2007|22:57] C:\ProgramData\addr_file.html
[06/10/2008|12:58] C:\ProgramData\Adobe
[05/09/2008|11:46] C:\ProgramData\Apple
[05/10/2008|20:48] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[13/02/2008|23:15] C:\ProgramData\Avira
[07/01/2008|12:01] C:\ProgramData\Azureus
[19/08/2007|00:31] C:\ProgramData\Bureau
[16/09/2007|10:37] C:\ProgramData\CheckPoint
[18/08/2007|22:58] C:\ProgramData\Creative
[17/06/2007|20:20] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[05/06/2008|15:32] C:\ProgramData\eMule
[19/08/2007|00:31] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[30/09/2008|10:12] C:\ProgramData\Google
[30/09/2008|10:30] C:\ProgramData\Lavasoft
[12/11/2008|12:17] C:\ProgramData\Malwarebytes
[11/09/2007|18:29] C:\ProgramData\McAfee
[11/11/2008|22:59] C:\ProgramData\Media Center Programs
[19/08/2007|00:31] C:\ProgramData\Menu D‚marrer
[18/08/2007|23:04] C:\ProgramData\Microsoft
[16/10/2008|11:15] C:\ProgramData\Microsoft Help
[19/08/2007|00:31] C:\ProgramData\ModŠles
[11/09/2007|15:20] C:\ProgramData\Mozilla
[08/12/2007|10:53] C:\ProgramData\Propellerhead Software
[18/08/2007|23:25] C:\ProgramData\QuickTime
[11/09/2007|18:05] C:\ProgramData\Sandlot Games
[02/11/2006|14:02] C:\ProgramData\Start Menu
[18/08/2007|23:11] C:\ProgramData\Symantec
[22/09/2007|11:05] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[30/09/2008|10:14] C:\ProgramData\VadeRetro
[19/08/2007|15:50] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[17/06/2007|20:20] C:\Program Files\Acer Arcade Deluxe
[07/10/2007|16:03] C:\Program Files\Advanced Encryption Plug-in Pro for Explorer
[17/06/2007|20:22] C:\Program Files\Apoint2K
[14/02/2008|14:53] C:\Program Files\Ares
[17/06/2007|20:13] C:\Program Files\ATI Technologies
[11/09/2007|18:36] C:\Program Files\Avira
[17/09/2008|16:44] C:\Program Files\Bonjour
[08/11/2008|13:38] C:\Program Files\Common Files
[27/06/2008|19:04] C:\Program Files\Creative
[10/01/2001|19:50] C:\Program Files\CyberLink
[11/11/2008|22:44] C:\Program Files\Electronic Arts
[19/08/2007|00:31] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[10/11/2008|12:36] C:\Program Files\GameSpy
[29/10/2008|16:22] C:\Program Files\InstallShield Installation Information
[29/10/2008|14:41] C:\Program Files\Intel
[29/10/2008|14:41] C:\Program Files\Internet Explorer
[29/10/2008|14:42] C:\Program Files\Java
[29/10/2008|14:42] C:\Program Files\K-Lite Codec Pack
[29/10/2008|14:42] C:\Program Files\Launch Manager
[30/09/2008|10:26] C:\Program Files\Lavasoft
[12/11/2008|12:18] C:\Program Files\Malwarebytes' Anti-Malware
[29/10/2008|14:42] C:\Program Files\Microsoft IntelliPoint
[02/11/2008|20:42] C:\Program Files\Microsoft Silverlight
[06/06/2008|10:50] C:\Program Files\Movie Maker
[07/11/2008|18:51] C:\Program Files\MSN Messenger
[12/11/2008|19:28] C:\Program Files\Navilog1
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[29/10/2008|16:21] C:\Program Files\Veoh Networks
[06/06/2008|10:50] C:\Program Files\Windows Calendar
[06/06/2008|10:50] C:\Program Files\Windows Collaboration
[06/06/2008|10:50] C:\Program Files\Windows Defender
[29/10/2008|14:41] C:\Program Files\Windows Journal
[16/10/2008|19:50] C:\Program Files\Windows Mail
[29/10/2008|14:41] C:\Program Files\Windows Media Player
[29/10/2008|14:41] C:\Program Files\Windows NT
[29/10/2008|14:41] C:\Program Files\Windows Photo Gallery
[06/06/2008|10:50] C:\Program Files\Windows Sidebar
[29/10/2008|14:41] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[16/04/2008|18:38] C:\Program Files\Common Files\Adobe
[17/09/2008|16:52] C:\Program Files\Common Files\Apple
[09/01/2008|16:27] C:\Program Files\Common Files\Blizzard Entertainment
[18/08/2007|22:59] C:\Program Files\Common Files\Creative
[10/01/2001|20:00] C:\Program Files\Common Files\DESIGNER
[10/01/2001|19:39] C:\Program Files\Common Files\InstallShield
[10/11/2007|01:48] C:\Program Files\Common Files\Java
[10/01/2001|19:31] C:\Program Files\Common Files\LightScribe
[30/05/2008|10:55] C:\Program Files\Common Files\microsoft shared
[10/01/2001|19:31] C:\Program Files\Common Files\muvee Technologies
[10/01/2001|19:32] C:\Program Files\Common Files\NewTech Infosystems
[10/01/2001|20:06] C:\Program Files\Common Files\Oberon Media
[14/05/2008|14:01] C:\Program Files\Common Files\PX Storage Engine
[16/06/2008|20:36] C:\Program Files\Common Files\Real
[11/09/2007|18:05] C:\Program Files\Common Files\Sandlot Shared
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[27/11/2007|11:29] C:\Program Files\Common Files\Simple Star Shared
[17/06/2007|20:13] C:\Program Files\Common Files\snp2uvc
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[10/10/2008|18:16] C:\Program Files\Common Files\Steam
[18/08/2007|22:58] C:\Program Files\Common Files\SWF Studio
[18/08/2007|23:11] C:\Program Files\Common Files\Symantec Shared
[06/06/2008|10:50] C:\Program Files\Common Files\System
[30/09/2008|10:26] C:\Program Files\Common Files\Wise Installation Wizard
[16/06/2008|20:36] C:\Program Files\Common Files\xing shared

--------------------\\ Process

( 82 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-12 23:51:53
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\Users\Flo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CJN0959M\showdef[1].asp
scan completed successfully
hidden processes: 0
hidden files: 2

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Flo\AppData\Roaming\LimeWire\.AppSpecialShare\Lost.Planet.Extreme.Condition-Unleashed-Crack.torrent
C:\Users\Flo\AppData\Roaming\LimeWire\.AppSpecialShare\Lost.Planet.Extreme.Condition-Unleashed-Crack.torrent.bak
C:\Users\Flo\AppData\Roaming\Microsoft\Office\Recent\Crack + Serial - Lost Planet Extreme Condition Colonies Edition.LNK
C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Recent\Crack + Serial - Lost Planet Extreme Condition Colonies Edition.lnk
C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Recent\Crack + Serial - Lost Planet Extreme Condition Colonies Edition.lnk
C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Recent\Crack.lnk
C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Recent\lost planet extreme condition no-cd crack.lnk
C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Recent\Lost_Planet_Extreme_Condition_Crack.3744068.TPB.lnk
C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Recent\[PC GAME] Lost Planet - Keygen+Crack Nocd by Razor1911 (2).lnk
C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Recent\[PC GAME] Lost Planet - Keygen+Crack Nocd by Razor1911.lnk
C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Recent\[pc]lost planet extreme condition crack rar(2).lnk
C:\Users\Flo\Documents\LimeWire\Saved\Lost.Planet.Extreme.Condition-Unleashed-Crack
C:\Users\Flo\Documents\LimeWire\Saved\Lost.Planet.Extreme.Condition-Unleashed-Crack\Crack
C:\Users\Flo\Documents\LimeWire\Saved\Lost.Planet.Extreme.Condition-Unleashed-Crack\unl-lpec.nfo
C:\Users\Flo\Documents\LimeWire\Saved\Lost.Planet.Extreme.Condition-Unleashed-Crack\Crack\ClientRegistry.blob
C:\Users\Flo\Documents\LimeWire\Saved\Lost.Planet.Extreme.Condition-Unleashed-Crack\Crack\launcher.ini
C:\Users\Flo\Documents\LimeWire\Saved\Lost.Planet.Extreme.Condition-Unleashed-Crack\Crack\LostPlanetDx10.exe
C:\Users\Flo\Documents\LimeWire\Saved\Lost.Planet.Extreme.Condition-Unleashed-Crack\Crack\LostPlanetDx9.exe
C:\Users\Flo\Documents\LimeWire\Saved\Lost.Planet.Extreme.Condition-Unleashed-Crack\Crack\Steam.dll
C:\Users\Flo\Documents\LimeWire\Saved\Lost.Planet.Extreme.Condition-Unleashed-Crack\Crack\steamclient.dll
C:\Users\Flo\Documents\LimeWire\Saved\Lost.Planet.Extreme.Condition-Unleashed-Crack\Crack\Steam_api.dll
C:\Users\Flo\Documents\LimeWire\Saved\Lost.Planet.Extreme.Condition-Unleashed-Crack\Crack\tier0_s.dll
C:\Users\Flo\Documents\LimeWire\Saved\Lost.Planet.Extreme.Condition-Unleashed-Crack\Crack\vstdlib_s.dll


[F:13][D:6]-> C:\Users\Flo\AppData\Local\Temp
[F:335][D:1]-> C:\Users\Flo\AppData\Roaming\MICROS~1\Windows\Cookies
[F:1022][D:4]-> C:\Users\Flo\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:37][D:3]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 12/11/2008|23:51 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 12/11/2008|23:54 - Option : [2]

--------------------\\ Fin du rapport a 23:54:26
[ UAC => 1 ]

Re, mon pc s'éteind toujours tout seul mais moins souvent toutefois j'apperçois de nettes amélioration quand à certaines exécutions notamment pour internet.

Note: Si tu as des problèmes lors de la supression, redémarre en mode sans-échec.

Vide ces répertoires :

>C:\Users\Flo\AppData\Local\Temp
>C:\Users\Flo\AppData\Local\Temporary Internet Files
C:\Users\Flo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\

Et supprime tout ca :



>Renomme ComboFix.exe en Flolcho.exe, redémarre en mode sans-échec et lance un scan.
>Poste le rapport obtenu dans ta prochaine réponse.

ComboFix 08-11-06.01 - Flo 2008-11-13 16:39:29.2 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1594 [GMT 1:00]
Lancé depuis: C:\Users\Flo\Desktop\Flolcho.exe
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-10-13 au 2008-11-13 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans ce laps de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-12 18:28 --------- d-----w C:\Program Files\Navilog1
2008-11-12 11:18 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-11-12 11:17 --------- d-----w C:\Users\Flo\AppData\Roaming\Malwarebytes
2008-11-12 11:17 --------- d-----w C:\ProgramData\Malwarebytes
2008-11-11 22:01 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-11-11 22:01 22,328 ----a-w C:\Users\Flo\AppData\Roaming\PnkBstrK.sys
2008-11-11 22:01 103,736 ----a-w C:\Windows\System32\PnkBstrB.exe
2008-11-11 22:00 669,184 ----a-w C:\Windows\System32\pbsvc.exe
2008-11-11 21:59 --------- d-----w C:\ProgramData\Media Center Programs
2008-11-11 21:44 --------- d-----w C:\Program Files\Electronic Arts
2008-11-10 11:36 --------- d-----w C:\Program Files\GameSpy
2008-11-07 17:51 --------- d-----w C:\Program Files\MSN Messenger
2008-11-06 20:33 --------- d-----w C:\Users\Flo\AppData\Roaming\U3
2008-11-02 19:42 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-10-31 18:10 --------- d-----w C:\Users\Flo\AppData\Roaming\foobar2000
2008-10-29 15:22 --------- d-----w C:\Program Files\InstallShield Installation Information
2008-10-29 15:21 --------- d-----w C:\Program Files\Veoh Networks
2008-10-29 13:42 --------- d-----w C:\Program Files\Microsoft IntelliPoint
2008-10-29 13:42 --------- d-----w C:\Program Files\Launch Manager
2008-10-29 13:42 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-10-29 13:42 --------- d-----w C:\Program Files\Java
2008-10-29 13:41 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-10-29 13:41 --------- d-----w C:\Program Files\Windows Journal
2008-10-29 13:41 --------- d-----w C:\Program Files\Intel
2008-10-26 15:42 2,606 ----a-w C:\Users\Flo\AppData\Roaming\wklnhst.dat
2008-10-22 15:10 38,496 ----a-w C:\Windows\system32\drivers\mbamswissarmy.sys
2008-10-22 15:10 15,504 ----a-w C:\Windows\system32\drivers\mbam.sys
2008-10-16 18:50 --------- d-----w C:\Program Files\Windows Mail
2008-10-16 10:15 --------- d-----w C:\ProgramData\Microsoft Help
2008-10-15 21:26 --------- d-----w C:\Users\Flo\AppData\Roaming\Media Center Programs
2008-10-10 17:16 --------- d-----w C:\Program Files\Common Files\Steam
2008-10-05 19:48 --------- d-----w C:\ProgramData\Apple Computer
2008-10-05 19:48 --------- d-----w C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-02 03:49 827,392 ----a-w C:\Windows\System32\wininet.dll
2008-09-30 09:30 --------- d-----w C:\ProgramData\Lavasoft
2008-09-30 09:26 --------- d-----w C:\Program Files\Lavasoft
2008-09-30 09:26 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-09-30 09:14 --------- d-----w C:\ProgramData\VadeRetro
2008-09-30 09:11 --------- d-----w C:\Users\Flo\AppData\Roaming\VadeRetro
2008-09-18 05:09 3,601,464 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-09-18 04:56 147,456 ----a-w C:\Windows\System32\Faultrep.dll
2008-09-18 04:56 125,952 ----a-w C:\Windows\System32\wersvc.dll
2008-09-18 02:16 2,032,640 ----a-w C:\Windows\System32\win32k.sys
2008-09-17 15:52 --------- d-----w C:\Program Files\Common Files\Apple
2008-09-17 15:44 --------- d-----w C:\Program Files\Bonjour
2008-08-29 08:18 87,336 ----a-w C:\Windows\System32\dns-sd.exe
2008-08-29 07:53 61,440 ----a-w C:\Windows\System32\dnssd.dll
2008-06-06 09:57 174 --sha-w C:\Program Files\desktop.ini
2007-12-08 09:52 225,280 ----a-w C:\Users\Flo\AppData\Roaming\Rewire.dll
2002-08-26 17:54 327,680 ----a-r C:\Users\Flo\AppData\Roaming\MafiaSetup.exe
.

((((((((((((((((((((((((((((( snapshot@2008-11-08_ 0.47.46.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-11 21:59:54 9,662 ----a-r C:\Windows\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\ARPPRODUCTICON.exe
- 2007-12-25 01:42:56 10,134 ----a-r C:\Windows\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\checkForUpdatesSC_000E79B7E7254F01870AC12942B7F8E4.exe
+ 2008-11-11 21:59:55 10,134 ----a-r C:\Windows\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\checkForUpdatesSC_000E79B7E7254F01870AC12942B7F8E4.exe
- 2007-12-25 01:42:56 10,134 ----a-r C:\Windows\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\visitWebsite_000E79B7E7254F01870AC12942B7F8E4.exe
+ 2008-11-11 21:59:55 10,134 ----a-r C:\Windows\Installer\{000E79B7-E725-4F01-870A-C12942B7F8E4}\visitWebsite_000E79B7E7254F01870AC12942B7F8E4.exe
+ 2008-11-10 11:36:54 57,344 ----a-r C:\Windows\Installer\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}\ARPPRODUCTICON.exe
+ 2008-11-10 11:36:54 57,344 ----a-r C:\Windows\Installer\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}\Comrade.exe_CD7D16AA9DCA4A66A4ABF9C1BE60B1B5.exe
+ 2008-11-10 11:36:54 57,344 ----a-r C:\Windows\Installer\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}\NewShortcut7_CD7D16AA9DCA4A66A4ABF9C1BE60B1B5.exe
+ 2008-11-10 11:36:54 57,344 ----a-r C:\Windows\Installer\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}\NewShortcut8_CD7D16AA9DCA4A66A4ABF9C1BE60B1B5.exe
+ 2008-11-10 11:36:54 8,854 ----a-r C:\Windows\Installer\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}\UNINST_Uninstall_Com_CD7D16AA9DCA4A66A4ABF9C1BE60B1B5.exe
- 2008-11-07 23:29:12 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-11-13 15:30:45 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-11-13 15:30:45 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-11-07 23:29:53 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-11-13 15:30:45 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-11-13 15:30:45 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-11-07 23:30:22 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-11-13 14:34:08 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-11-07 23:30:22 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-11-13 14:34:08 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-11-07 23:30:22 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-11-13 14:34:08 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-09-02 17:40:53 75,072 ----a-w C:\Windows\System32\drivers\avipbb.sys
+ 2008-11-13 14:35:16 75,072 ----a-w C:\Windows\System32\drivers\avipbb.sys
- 2008-10-16 18:52:53 314,616 ----a-w C:\Windows\System32\FNTCACHE.DAT
+ 2008-11-12 21:40:43 316,656 ----a-w C:\Windows\System32\FNTCACHE.DAT
- 2008-11-07 23:34:47 105,276 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-11-13 15:12:09 105,276 ----a-w C:\Windows\System32\perfc009.dat
- 2008-11-07 23:34:47 128,418 ----a-w C:\Windows\System32\perfc00C.dat
+ 2008-11-13 15:12:09 128,418 ----a-w C:\Windows\System32\perfc00C.dat
- 2008-11-07 23:34:47 595,946 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-11-13 15:12:09 595,946 ----a-w C:\Windows\System32\perfh009.dat
- 2008-11-07 23:34:47 679,418 ----a-w C:\Windows\System32\perfh00C.dat
+ 2008-11-13 15:12:09 679,418 ----a-w C:\Windows\System32\perfh00C.dat
- 2008-11-03 01:09:41 6,553,600 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat
+ 2008-11-13 14:45:57 6,553,600 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat
- 2008-11-07 23:30:08 12,080 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-722847408-4120334268-1447528841-1000_UserData.bin
+ 2008-11-13 15:07:43 12,270 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-722847408-4120334268-1447528841-1000_UserData.bin
- 2008-11-07 23:30:08 82,960 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-11-13 15:07:43 83,180 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-11-07 23:30:07 61,874 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-11-13 15:07:41 62,170 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-11-07 17:44:58 287,522 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2008-11-13 13:52:08 290,022 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2008-11-07 15:17:12 262,870 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2008-11-11 17:37:28 265,286 ----a-w C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
- 2008-11-02 19:35:14 91,656,472 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-11-13 11:21:59 93,486,364 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.18136_none_8853d47896e90b40\msxml3r.dll
+ 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.18138_none_885590b496e78ad1\msxml6r.dll
+ 2008-09-15 22:27:41 2,413,072 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16764_none_f064ff046e80cc5f\OESpamFilter.dat
+ 2008-09-15 22:27:41 2,413,072 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.20937_none_f1120e5787836182\OESpamFilter.dat
+ 2008-09-15 22:27:41 2,413,072 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18157_none_f2590e746b9c8d64\OESpamFilter.dat
+ 2008-09-15 22:27:41 2,413,072 ----a-w C:\Windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22288_none_f2c33bc584d19a58\OESpamFilter.dat
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 08:33 1233920]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 11:55 5674352]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 08:33 125952]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-09-26 19:14 3660848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eAudio"="C:\Acer\Empowering Technology\eAudio\eAudio.exe" [2007-05-09 10:36 1286144]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-12 17:42 457728]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2007-04-04 08:02 678672]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-09-02 18:40 266497]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 03:27 144784]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2006-11-07 13:57 159744]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 13:00 174872]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-10 10:10 4468736 C:\Windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2001-01-10 19:37:37 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=eNetHook.dll

[HKLM\~\startupfolder\C:^Users^Flo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Téléchargez gratuitement 2 titres audios.lnk]
path=C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Téléchargez gratuitement 2 titres audios.lnk
backup=C:\Windows\pss\Téléchargez gratuitement 2 titres audios.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
--a------ 2007-02-15 18:39 151552 C:\Acer\AcerTour\Reminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-09-03 19:12 111936 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
--a------ 2007-12-31 15:29 962560 C:\Program Files\Ares\Ares.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
--a------ 2007-06-29 15:03 36864 C:\Program Files\GameSpy\Comrade\Comrade.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
--a------ 2006-06-12 13:32 700416 C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
--a------ 2007-02-06 00:52 849280 C:\Program Files\Microsoft IntelliPoint\ipoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 17:57 289576 D:\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
--------- 2007-05-03 10:16 206952 C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSet]
--a------ 2007-03-09 17:51 45056 C:\Windows\PLFSet.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
--a------ 2006-11-10 11:35 90112 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-10-10 18:14 1410296 D:\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-06-16 20:36 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-09-26 19:14 3660848 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
--a------ 2006-11-05 20:48 57344 C:\Acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
--a------ 2007-05-07 11:51 1826816 C:\Windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{F4F6F825-4E89-486A-8B95-3192340F817A}"= C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{28276C90-044D-4DD6-8E4D-FC3B032F02B6}"= C:\Program Files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine
"{3B2A64A9-C232-4765-AE81-D5C8F5CE7259}"= C:\Program Files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician
"{0F36CD92-4215-41E1-8427-8FDC82BC297D}"= C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia
"{E3AD86A2-0361-4E7B-9E46-FCC6BCEB485D}"= C:\Program Files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard
"{C2DA6328-0705-499B-B8E6-95D7426FAB66}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{6EF6711E-5547-43D9-84B2-2BAD84EAF4ED}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{DAB198F0-26F2-4555-B0C1-37E127744911}"= C:\Program Files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie
"{9767B165-41D9-456E-AB57-2E66087E7BD5}"= C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program
"{4E5258EA-245A-458B-9B16-85083C48C43D}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{122424D4-7311-463A-A17D-40363CA4347F}C:\\program files\\sierra\\fear\\fpupdate.exe"= UDP:C:\program files\sierra\fear\fpupdate.exe:fpupdate
"UDP Query User{6C102FC5-0343-4E8E-89B0-CFA130555EA2}C:\\program files\\sierra\\fear\\fpupdate.exe"= TCP:C:\program files\sierra\fear\fpupdate.exe:fpupdate
"{3F29F6A6-2EA9-40C8-8261-F7425A46B247}"= UDP:C:\Program Files\Sierra\FEAR\FEAR.exe:FEAR
"{F3D958A2-6F5C-40B4-8A12-714DD517B125}"= TCP:C:\Program Files\Sierra\FEAR\FEAR.exe:FEAR
"{89027A54-1984-4FA3-BA6D-2AD9A89CD7F7}"= UDP:C:\Program Files\Sierra\FEAR\FEARMP.exe:FEAR
"{2F71E015-E287-4E0E-8DB9-D97C73186968}"= TCP:C:\Program Files\Sierra\FEAR\FEARMP.exe:FEAR
"TCP Query User{9B64581C-48F5-43FA-BDBC-06CB811F3274}C:\\users\\flo\\desktop\\warcraft iii\\war3.exe"= UDP:C:\users\flo\desktop\warcraft iii\war3.exe:war3.exe
"UDP Query User{A7E3EC21-CD48-4020-BF54-6FE1EE355EE3}C:\\users\\flo\\desktop\\warcraft iii\\war3.exe"= TCP:C:\users\flo\desktop\warcraft iii\war3.exe:war3.exe
"TCP Query User{FC06F41F-FF66-47A1-A21D-9A939DDF0DDA}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{195C577B-2E76-4923-95E9-93B1753D7F1F}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{F795ECD2-920F-45D2-A0BB-08477C410A71}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{7BE6A109-275B-42F6-A2D4-026FDD2C83E9}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{339CA8F2-5B1D-4D36-9D77-D1001F2F4E1F}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{014317EC-0E19-4DB4-A5FA-F45D33193401}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{9EB34EFD-2CA2-4567-BC5D-5D17A3B0249D}"= UDP:C:\Program Files\FrostWire\FrostWire.exe:LimeWire
"{68C4A4F3-C626-4FFF-9004-09790793C410}"= TCP:C:\Program Files\FrostWire\FrostWire.exe:LimeWire
"TCP Query User{FC38239E-75F7-4862-8F1F-31F3E5024740}C:\\program files\\ares\\ares.exe"= UDP:C:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{6CC855A6-F0B4-483C-94B6-021DCE5BF439}C:\\program files\\ares\\ares.exe"= TCP:C:\program files\ares\ares.exe:Ares p2p for windows
"TCP Query User{D0FD599F-F5E2-4AF6-A1F4-FECA401DD328}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{E36DAD49-562D-457B-BAAD-B95B97A15D71}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"{69901ECF-7CF6-42B8-9C1B-7515CB4FBE93}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{7FD5DBEB-CD62-49ED-9F14-ADA4129AA981}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{98C4AC8E-66EF-420B-83DD-3B95D9F200F9}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{C2D1729F-76B6-4332-B977-DF8DA5FB9E36}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{00CDF089-CFF7-475D-9F29-32DEB5FADB06}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{F0544D17-C479-4809-B66A-534A9FAFA06A}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"TCP Query User{631BBB20-AB60-4163-9DF1-C191B5D7BAA2}D:\\sierra\\arcanum\\arcanum.exe"= UDP:D:\sierra\arcanum\arcanum.exe:Arcanum
"UDP Query User{A457EF4F-B9D5-413F-9268-D950D1043395}D:\\sierra\\arcanum\\arcanum.exe"= TCP:D:\sierra\arcanum\arcanum.exe:Arcanum
"TCP Query User{31CC1357-B7F6-4D0D-A78A-24587F6FBA55}D:\\silverfall\\silverfall.exe"= UDP:D:\silverfall\silverfall.exe:Silverfall
"UDP Query User{FCFE2935-77BE-4379-9B71-A1AF4D98CB25}D:\\silverfall\\silverfall.exe"= TCP:D:\silverfall\silverfall.exe:Silverfall
"TCP Query User{6FF68CFA-6A8A-4B0A-9424-0FBDFE27D4E9}D:\\program files\\mohaa.exe"= UDP:D:\program files\mohaa.exe:Medal of Honor Allied Assault(tm)
"UDP Query User{0E0AB83A-BE4C-4A8E-81A9-416809FAAC2F}D:\\program files\\mohaa.exe"= TCP:D:\program files\mohaa.exe:Medal of Honor Allied Assault(tm)
"TCP Query User{07B1DAEC-C190-496B-A2B7-07AE5081FE2A}C:\\program files\\share 1.0 ex2\\share.exe"= UDP:C:\program files\share 1.0 ex2\share.exe:Share
"UDP Query User{B6DA4B94-7AED-4E71-A76A-8475D274539F}C:\\program files\\share 1.0 ex2\\share.exe"= TCP:C:\program files\share 1.0 ex2\share.exe:Share
"TCP Query User{EEF72A69-6FAD-4996-B9AE-DBA18B3BBEDA}C:\\program files\\real\\realplayer\\realplay.exe"= UDP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{BD400E3E-A192-4C93-BF2F-8B3E3878AAA2}C:\\program files\\real\\realplayer\\realplay.exe"= TCP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"{8FE9B927-47CF-4551-9C02-00E65CED0738}"= UDP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{F49326FE-D15F-48C9-B0CA-ED1BEA0C4967}"= TCP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{D716ABE6-E83F-413A-B9CA-A6DE64132AED}"= UDP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{21EFADC3-5AEC-4660-A875-73215A131F68}"= TCP:C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"TCP Query User{31CE8ADD-765D-4427-8337-AC5F4BA26F6E}D:\\sierra\\fpupdate.exe"= UDP:D:\sierra\fpupdate.exe:fpupdate
"UDP Query User{FEA701E8-DFF5-41B0-A6E7-C3B11FDD0F90}D:\\sierra\\fpupdate.exe"= TCP:D:\sierra\fpupdate.exe:fpupdate
"{A27F36B2-63D9-43A3-90DC-DC504233C7BB}"= UDP:D:\Sierra\FEAR.exe:FEAR
"{BB81289D-8B7B-466E-B7B3-0175F7EA6545}"= TCP:D:\Sierra\FEAR.exe:FEAR
"{0F57C1B9-4A12-4B0B-9A21-F102F0AC339E}"= UDP:D:\Sierra\FEARMP.exe:FEAR
"{60A939F9-BAB0-4B0D-98DF-F4BBC8B024E3}"= TCP:D:\Sierra\FEARMP.exe:FEAR
"{03593397-AB84-4B7C-A6F5-FE8DF42299BE}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{341C5ECD-6D5B-4DE2-A0AA-48508DD99296}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{2B024841-3B16-4683-9472-D32AA5DC5140}"= UDP:D:\iTunes.exe:iTunes
"{459D8120-2DB2-45F2-A1CB-006BB1E530A7}"= TCP:D:\iTunes.exe:iTunes
"{A9E7A095-F1BE-4294-9F06-4BBED3751B24}"= UDP:D:\Steam.exe:Steam Client
"{15433B62-C71F-4F3B-9962-1F4D1E4C858A}"= TCP:D:\Steam.exe:Steam Client
"{2D5EC84C-860A-4BBB-801B-B87AA9C9B85C}"= UDP:D:\SteamApps\common\Lost Planet Extreme Condition\LostPlanetDx10.exe:LostPlanetDX10
"{454E749D-B41B-4DA8-AFF3-6D74874034AA}"= TCP:D:\SteamApps\common\Lost Planet Extreme Condition\LostPlanetDx10.exe:LostPlanetDX10
"{8A643186-2B0D-447F-B28A-4987CD18EEB1}"= UDP:D:\SteamApps\common\Lost Planet Extreme Condition\LostPlanetDx9.exe:LostPlanetDX9
"{E21FC015-7358-4C73-BEBE-1E6142E36D07}"= TCP:D:\SteamApps\common\Lost Planet Extreme Condition\LostPlanetDx9.exe:LostPlanetDX9
"TCP Query User{75CE2E7B-F9B4-4082-9F7C-7F97E03DAA4D}C:\\users\\flo\\desktop\\crack\\lostplanetdx9.exe"= UDP:C:\users\flo\desktop\crack\lostplanetdx9.exe:lostplanetdx9.exe
"UDP Query User{DF78125E-7BB5-4068-B436-E081ABEDE197}C:\\users\\flo\\desktop\\crack\\lostplanetdx9.exe"= TCP:C:\users\flo\desktop\crack\lostplanetdx9.exe:lostplanetdx9.exe
"TCP Query User{06FF240D-1B2B-4FDF-BE90-0849A82F268F}D:\\emule\\emule.exe"= UDP:D:\emule\emule.exe:eMule
"UDP Query User{A2C311DC-4BC8-494A-BEF9-173E42B2D6CE}D:\\emule\\emule.exe"= TCP:D:\emule\emule.exe:eMule
"TCP Query User{713A7383-3372-4590-9FF8-0ADABD77705E}C:\\users\\flo\\desktop\\lost.planet.extreme.condition-unleashed-crack\\crack\\lostplanetdx9.exe"= UDP:C:\users\flo\desktop\lost.planet.extreme.condition-unleashed-crack\crack\lostplanetdx9.exe:lostplanetdx9.exe
"UDP Query User{859192F2-D95A-425E-A83E-FC2B9BB3DEF0}C:\\users\\flo\\desktop\\lost.planet.extreme.condition-unleashed-crack\\crack\\lostplanetdx9.exe"= TCP:C:\users\flo\desktop\lost.planet.extreme.condition-unleashed-crack\crack\lostplanetdx9.exe:lostplanetdx9.exe
"{3A67F3BA-0B62-4EF8-AB04-44699B9F5649}"= UDP:D:\LimeWire\LimeWire.exe:LimeWire
"{AA4B6CD9-E02C-4A14-83C3-C7C35547BBE1}"= TCP:D:\LimeWire\LimeWire.exe:LimeWire
"{E9D5E634-0544-4DDF-A67B-9C67DC70EC3B}"= UDP:D:\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{DAC83187-4696-49C2-9C59-1EC38885DB69}"= TCP:D:\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)
"{364E0036-DAAD-4894-902A-AD71D526E1AD}"= UDP:D:\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{4CCE181F-D61E-4EB6-8697-ACE12E7C08F5}"= TCP:D:\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)
"{A1864EB5-79E5-4ECA-A429-6FB1F36A085F}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{77347962-34A9-4B04-95B2-BA262699205B}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{BAACB067-D100-4174-BD46-07459D62ED10}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{8E8CC5FC-FA5B-4CF4-9B12-D44AA9CFA443}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{A6C8C247-211C-4C7F-86C0-A5F74CA3AE43}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"C:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"C:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys [2007-03-07 09:26 32256]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 15:51 13560]
S2 ALaunchService;ALaunch Service;C:\Acer\ALaunch\ALaunchSvc.exe [2007-01-26 14:24 50688]
S3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-05-04 15:19 2591232]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 08:03 179712]
S3 PMUSB2G;PassMark® Software USB 2.0 Loopback plug;C:\Windows\system32\Drivers\PMUSB.sys [2004-11-25 16:11 18944]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-10-10 18:14 87288]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4fb4f2c1-1d06-11dc-a2e6-806e6f6e6963}]
\shell\AutoRun\command - F:\AutoRunCD.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ef4b407-30df-11dd-9859-0019d2c4c165}]
\shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7d40ab10-746a-11dd-942d-0019d2c4c165}]
\shell\AutoRun\command - H:\LaunchU3.exe -a

*Newly Created Service* - ECACHE
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-RunOnce-<NO NAME> - (no file)


.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\t2p94jkv.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
.

Tiens il y a encore une horreur que je viens de trouver :



>Supprime ce programme à partir du "panneau de configuration" > "Ajout/Supression de programmes".

Vérifie que le répertoire n'y est plus. S'il y est encore supprime-le.

Note : Si tu rencontres des soucis lors de la supression, fais-la en mode sans-échec.

>Va dans "Démarrer" > "Executer" > "REGEDIT".
>Fais une recherche avec le mot : "Wire".

Si tu tombes sur des clefs qui traitent de FrostWire, supprime-les.

Note : Pour continuer la recherche, clique sur "Recherche suivant", en dessous de "Rechercher".

PLus aucunes traces de FrostWire tout a été supprimé.
J'ai l'impression que certains logiciels (surtout pour les jeux) rament plus qu'avant. Est-ce lié à une infection ou au fait que mon pc s'éteigne tout seul?
Parce que avant ces jeux ne ramaient pas du tout (en tout cas moins que maintenant)

Redémarre en mode sans-échec et fais un scan complet avec ton antivirus.
Poste le rapport obtenu.

Voici le rapport Antivir :

Avira AntiVir Personal
Report file date: 2008-11-14 12:24

Scanning for 1034067 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (Service Pack 1) [6.0.6001]
Boot mode: Save mode
Username: Flo
Computer name: ACER

Version information:
BUILD.DAT : 8.2.0.336 16933 Bytes 2008-10-30 11:40:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-09-02 17:40:30
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-09-02 17:40:30
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-09-02 17:40:42
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-09-02 17:40:42
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 2008-10-27 23:06:02
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 2008-11-09 12:11:34
ANTIVIR2.VDF : 7.1.0.57 2048 Bytes 2008-11-09 12:11:36
ANTIVIR3.VDF : 7.1.0.81 187392 Bytes 2008-11-13 14:35:13
Engineversion : 8.2.0.31
AEVDF.DLL : 8.1.0.6 102772 Bytes 2008-10-17 17:44:43
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 2008-11-13 14:35:15
AESCN.DLL : 8.1.1.5 123251 Bytes 2008-11-07 23:30:55
AERDL.DLL : 8.1.1.3 438645 Bytes 2008-11-05 16:54:47
AEPACK.DLL : 8.1.3.4 393591 Bytes 2008-11-13 14:35:14
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 2008-11-07 23:30:53
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 2008-11-07 23:30:48
AEHELP.DLL : 8.1.1.3 119157 Bytes 2008-11-07 23:30:38
AEGEN.DLL : 8.1.1.0 319859 Bytes 2008-11-07 23:30:36
AEEMU.DLL : 8.1.0.9 393588 Bytes 2008-10-17 17:44:27
AECORE.DLL : 8.1.4.1 172405 Bytes 2008-11-07 23:30:34
AEBB.DLL : 8.1.0.3 53618 Bytes 2008-10-17 17:44:21
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-09-02 17:40:30
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-09-02 17:40:30
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-09-02 17:40:51
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-09-02 17:40:30
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-04-14 22:32:09
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-09-02 17:40:29
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-04-14 22:32:10
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-09-02 17:40:45
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-04-14 22:32:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-09-02 17:40:22
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-09-02 17:40:22

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-11-14 12:24

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
18 processes with 18 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '41' files ).


Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Windows\System32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <DATA>
Begin scan in 'E:\' <DATA>


End of the scan: 2008-11-14 13:30
Used time: 1:06:53 Hour(s)

The scan has been done completely.

27821 Scanning directories
689307 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
689305 Files not concerned
3188 Archives were scanned
2 Warnings
0 Notes

Toujours ces ralentissements?

Plus de ralentissement notoire mais toujours ces foutues coupures!
Elles se font toujours quand je joue après 10 minutes de jeu, le son se coupe toujours je ne comprend pas.
Merci en tout cas pour toutes ces désinfections!!