Se connecter avec
S'enregistrer | Connectez-vous

Pub intenpestive,virus

Dernière réponse : dans Sécurité

Bonjours:

Un ami est infecter il a des pub intenpestive,le pc est lent etc...
Voici son rapport hijackthis:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 15:40:46, on 25/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SiteAdvisor\6066\SAService.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Trust\DS-3100A Wireless Optical Deskset\Mouse\mouse32a.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
C:\Program Files\QuickTime\qttask.exe
C:\windows\system32\tdfotagt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\program files\valve\steam\steam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Skype\Phone\Skype.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hercules\WiFi Station\WifiStation.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Antipub\antipub.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Atari\RollerCoaster Tycoon 3\RCT3plus.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Quantin\Bureau\HiJackThis_v2.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Heck sign dash cash] C:\Documents and Settings\All Users\Application Data\ErrorSkipHeckSign\Media grid.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\DS-3100A Wireless Optical Deskset\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Window Creative] C:\DOCUME~1\Quantin\APPLIC~1\COALGR~1\firstgrimlive.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: WiFi Station.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Program Files\Internet Radio\Radio.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://big68470.spaces.live.com//PhotoUpload/MsnPUpld.c...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D380B64-90EB-473E-9E64-76E94F5CC3A5}: NameServer = 213.216.172.62,212.216.172.62
O17 - HKLM\System\CCS\Services\Tcpip\..\{68394A03-7B36-419E-B545-4C14AD64590B}: NameServer = 213.36.80.1,212.216.172.62
O17 - HKLM\System\CCS\Services\Tcpip\..\{D44DF079-0D21-4D52-98B9-398961898F5E}: NameServer = 213.36.80.1,212.216.172.62
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D380B64-90EB-473E-9E64-76E94F5CC3A5}: NameServer = 213.216.172.62,212.216.172.62
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 11804 bytes

Autres pages sur : pub intenpestive virus

Lassé par la pub ? Créez un compte

Svp les helper pouriez vous me trouver une solution pour que je l'aide car quand il jou a des jeux en réseau il n'est jamais tranquille car il y'a des pub qui s'affiche et sa l'enléve du jeu et son pc beug je sais que vous etes trés occupé.merci

Bonjour,

Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
Double clique sur SDFix.exe et choisis Install pour l'extraire sur le Bureau.

Redémarre en mode sans échec

  • Ouvre le dossier SDFix qui vient d'être créé à la racine de ton dique dur (C:) et double clique sur RunThis.bat pour lancer le script.
  • Appuie sur Y pour commencer le processus de nettoyage.
  • Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
  • Appuie sur une touche pour redémarrer le PC.
  • Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
  • Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
  • Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
  • Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
  • Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis.


    SDFix: Version 1.88

    Run by Quantin on 25/06/2007 at 17:54

    Microsoft Windows XP [version 5.1.2600]

    Running From: C:\DOCUME~1\Quantin\Bureau\SDFix

    Safe Mode:
    Checking Services:






    Restoring Windows Registry Values
    Restoring Windows Default Hosts File
    Restoring Missing Security Center Service
    Restoring Missing SharedAccess Service

    Rebooting...


    Normal Mode:
    Checking Files:

    Below files will be copied to Backups folder then removed:

    C:\DOCUME~1\Quantin\LOCALS~1\Temp\GLFD.tmp.dll - Deleted
    C:\DOCUME~1\Quantin\LOCALS~1\Temp\injs.a9.exe.conf - Deleted
    C:\DOCUME~1\Quantin\LOCALS~1\Temp\injs.aa.exe.conf - Deleted
    C:\WINDOWS\system\smss.exe - Deleted
    C:\WINDOWS\system32\plugin1.dat - Deleted
    C:\WINDOWS\system32\SysPr.prx - Deleted



    Removing Temp Files...

    ADS Check:

    Checking C:\WINDOWS
    C:\WINDOWS
    No streams found.

    Checking C:\WINDOWS\system32
    C:\WINDOWS\system32
    No streams found.

    Checking C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    No streams found.

    Checking C:\WINDOWS\system32\ntoskrnl.exe
    C:\WINDOWS\system32\ntoskrnl.exe
    No streams found.



    Final Check:

    Remaining Services:
    ------------------



    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\\Program Files\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:D isabled:Windows© NetMeeting©"
    "C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:p artage de l'application RTC"
    "C:\\Program Files\\Reallusion\\CrazyTalk for Skype\\CT4Skype.exe"="C:\\Program Files\\Reallusion\\CrazyTalk for Skype\\CT4Skype.exe:*:Enabled:CrazyTalk"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
    "C:\\Program Files\\Warcraft III\\Warcraft III.exe"="C:\\Program Files\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
    "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"="C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
    "C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"="C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\81exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\81exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\85exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\85exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\7exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\7exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\61exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\61exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\65exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\65exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\15exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\15exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\67exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\67exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\86exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\86exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\1exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\1exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\46exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\46exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\33exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\33exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\79exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\79exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\35exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\35exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\20exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\20exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\74exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\74exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\3exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\3exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\95exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\95exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\16exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\16exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\78exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\78exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\55exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\55exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\66exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\66exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\30exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\30exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\24exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\24exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\76exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\76exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\19exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\19exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\87exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\87exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\94exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\94exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Ex‚cuter une DLL en tant qu'application"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\13exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\13exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\63exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\63exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\0exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\0exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\18exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\18exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\53exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\53exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\57exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\57exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\11exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\11exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\72exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\72exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\25exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\25exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\40exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\40exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\14exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\14exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\39exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\39exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\34exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\34exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\5exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\5exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\17exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\17exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\52exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\52exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\41exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\41exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\54exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\54exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\77exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\77exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\75exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\75exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\51exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\51exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\6exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\6exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\62exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\62exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\96exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\96exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\37exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\37exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\91exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\91exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\32exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\32exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\21exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\21exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\92exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\92exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\26exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\26exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\69exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\69exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\73exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\73exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\56exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\56exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\36exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\36exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\64exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\64exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\10exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\10exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\50exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\50exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\70exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\70exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\83exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\83exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\58exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\58exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\9exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\9exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\43exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\43exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\45exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\45exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\71exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\71exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\2exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\2exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\8exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\8exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\44exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\44exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\98exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\98exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\97exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\97exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\4exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\4exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\29exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\29exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\31exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\31exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\49exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\49exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\22exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\22exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\99exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\99exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\82exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\82exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\38exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\38exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\68exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\68exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\42exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\42exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\counter-strike\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
    "C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\condition zero\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\93exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\93exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\80exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\80exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\12exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\12exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\deathmatch classic\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\deathmatch classic\\hl.exe:*:Enabled:Half-Life Launcher"
    "C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\ricochet\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\ricochet\\hl.exe:*:Enabled:Half-Life Launcher"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\27exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\27exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\half-life 2 deathmatch\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\half-life 2 deathmatch\\hl2.exe:*:Enabled:hl2"
    "C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\counter-strike source\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\counter-strike source\\hl2.exe:*:Enabled:hl2"
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    Remaining Files:
    ---------------

    Backups Folder: - C:\DOCUME~1\Quantin\Bureau\SDFix\backups\backups.zip

    Listing Files with Hidden Attributes:

    C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\AlbumArtSmall.jpg
    C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\AlbumArt_{1EDCFEF0-4E7C-40B6-A8B6-F8C808B2BF13}_Large.jpg
    C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\AlbumArt_{1EDCFEF0-4E7C-40B6-A8B6-F8C808B2BF13}_Small.jpg
    C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\desktop.ini
    C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\Folder.jpg
    C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\Thumbs.db
    C:\Documents and Settings\Quantin\SendTo\WLM - big68@msn.com\Desktop.ini
    C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp

    Listing User Accounts:


    Administrateur ASPNET HelpAssistant
    Invit‚ Quantin SUPPORT_388945a0
    La commande s'est termin‚e correctement.


    Finished


    SDFix: Version 1.88

    Run by Quantin on 25/06/2007 at 17:54

    Microsoft Windows XP [version 5.1.2600]

    Running From: C:\DOCUME~1\Quantin\Bureau\SDFix

    Safe Mode:
    Checking Services:






    Restoring Windows Registry Values
    Restoring Windows Default Hosts File
    Restoring Missing Security Center Service
    Restoring Missing SharedAccess Service

    Rebooting...


    Normal Mode:
    Checking Files:

    Below files will be copied to Backups folder then removed:

    C:\DOCUME~1\Quantin\LOCALS~1\Temp\GLFD.tmp.dll - Deleted
    C:\DOCUME~1\Quantin\LOCALS~1\Temp\injs.a9.exe.conf - Deleted
    C:\DOCUME~1\Quantin\LOCALS~1\Temp\injs.aa.exe.conf - Deleted
    C:\WINDOWS\system\smss.exe - Deleted
    C:\WINDOWS\system32\plugin1.dat - Deleted
    C:\WINDOWS\system32\SysPr.prx - Deleted



    Removing Temp Files...

    ADS Check:

    Checking C:\WINDOWS
    C:\WINDOWS
    No streams found.

    Checking C:\WINDOWS\system32
    C:\WINDOWS\system32
    No streams found.

    Checking C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    No streams found.

    Checking C:\WINDOWS\system32\ntoskrnl.exe
    C:\WINDOWS\system32\ntoskrnl.exe
    No streams found.



    Final Check:

    Remaining Services:
    ------------------



    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\\Program Files\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-1.12.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:D isabled:Windows© NetMeeting©"
    "C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:p artage de l'application RTC"
    "C:\\Program Files\\Reallusion\\CrazyTalk for Skype\\CT4Skype.exe"="C:\\Program Files\\Reallusion\\CrazyTalk for Skype\\CT4Skype.exe:*:Enabled:CrazyTalk"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
    "C:\\Program Files\\Warcraft III\\Warcraft III.exe"="C:\\Program Files\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
    "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"="C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
    "C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"="C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\81exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\81exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\85exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\85exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\7exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\7exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\61exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\61exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\65exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\65exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\15exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\15exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\67exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\67exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\86exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\86exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\1exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\1exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\46exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\46exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\33exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\33exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\79exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\79exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\35exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\35exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\20exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\20exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\74exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\74exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\3exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\3exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\95exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\95exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\16exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\16exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\78exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\78exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\55exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\55exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\66exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\66exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\30exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\30exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\24exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\24exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\76exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\76exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\19exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\19exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\87exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\87exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\94exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\94exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Ex‚cuter une DLL en tant qu'application"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\13exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\13exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\63exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\63exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\0exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\0exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\18exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\18exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\53exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\53exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\57exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\57exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\11exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\11exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\72exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\72exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\25exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\25exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\40exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\40exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\14exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\14exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\39exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\39exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\34exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\34exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\5exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\5exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\17exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\17exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\52exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\52exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\41exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\41exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\54exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\54exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\77exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\77exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\75exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\75exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\51exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\51exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\6exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\6exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\62exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\62exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\96exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\96exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\37exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\37exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\91exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\91exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\32exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\32exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\21exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\21exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\92exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\92exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\26exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\26exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\69exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\69exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\73exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\73exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\56exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\56exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\36exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\36exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\64exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\64exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\10exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\10exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\50exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\50exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\70exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\70exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\83exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\83exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\58exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\58exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\9exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\9exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\43exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\43exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\45exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\45exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\71exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\71exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\2exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\2exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\8exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\8exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\44exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\44exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\98exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\98exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\97exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\97exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\4exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\4exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\29exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\29exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\31exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\31exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\49exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\49exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\22exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\22exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\99exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\99exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\82exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\82exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\38exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\38exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\68exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\68exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\42exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\42exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\counter-strike\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
    "C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\condition zero\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\condition zero\\hl.exe:*:Enabled:Half-Life Launcher"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\93exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\93exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\80exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\80exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\12exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\12exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\deathmatch classic\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\deathmatch classic\\hl.exe:*:Enabled:Half-Life Launcher"
    "C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\ricochet\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\y2s\\ricochet\\hl.exe:*:Enabled:Half-Life Launcher"
    "C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\27exinjs.a9.exe"="C:\\DOCUME~1\\Quantin\\LOCALS~1\\Temp\\27exinjs.a9.exe:*:Enabled:Microsoft Update"
    "C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\half-life 2 deathmatch\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\half-life 2 deathmatch\\hl2.exe:*:Enabled:hl2"
    "C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\counter-strike source\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\magnumstyle\\counter-strike source\\hl2.exe:*:Enabled:hl2"
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    Remaining Files:
    ---------------

    Backups Folder: - C:\DOCUME~1\Quantin\Bureau\SDFix\backups\backups.zip

    Listing Files with Hidden Attributes:

    C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\AlbumArtSmall.jpg
    C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\AlbumArt_{1EDCFEF0-4E7C-40B6-A8B6-F8C808B2BF13}_Large.jpg
    C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\AlbumArt_{1EDCFEF0-4E7C-40B6-A8B6-F8C808B2BF13}_Small.jpg
    C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\desktop.ini
    C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\Folder.jpg
    C:\Documents and Settings\All Users\Documents\Mes vid‚os\Rihanna - Music Of The Sun (2005) - Reggae [www.torrentazos.com]\Thumbs.db
    C:\Documents and Settings\Quantin\SendTo\WLM - big68@msn.com\Desktop.ini
    C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp

    Listing User Accounts:


    Administrateur ASPNET HelpAssistant
    Invit‚ Quantin SUPPORT_388945a0
    La commande s'est termin‚e correctement.


    Finished

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 18:18:04, on 25/06/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\SiteAdvisor\6066\SAService.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Trust\DS-3100A Wireless Optical Deskset\Mouse\mouse32a.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\windows\system32\tdfotagt.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\iPod\bin\iPodService.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\Hercules\WiFi Station\WifiStation.exe
    C:\Program Files\Antipub\antipub.exe
    C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Quantin\Bureau\HiJackThis_v2.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [Heck sign dash cash] C:\Documents and Settings\All Users\Application Data\ErrorSkipHeckSign\Media grid.exe
    O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\DS-3100A Wireless Optical Deskset\Mouse\mouse32a.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [Window Creative] C:\DOCUME~1\Quantin\APPLIC~1\COALGR~1\firstgrimlive.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
    O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
    O4 - Global Startup: WiFi Station.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
    O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\JCA2000\StopPub\StopPub.exe
    O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Program Files\Internet Radio\Radio.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://big68470.spaces.live.com//PhotoUpload/MsnPUpld.c...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{0D380B64-90EB-473E-9E64-76E94F5CC3A5}: NameServer = 213.216.172.62,212.216.172.62
    O17 - HKLM\System\CCS\Services\Tcpip\..\{68394A03-7B36-419E-B545-4C14AD64590B}: NameServer = 213.36.80.1,212.216.172.62
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D44DF079-0D21-4D52-98B9-398961898F5E}: NameServer = 213.36.80.1,212.216.172.62
    O17 - HKLM\System\CS1\Services\Tcpip\..\{0D380B64-90EB-473E-9E64-76E94F5CC3A5}: NameServer = 213.216.172.62,212.216.172.62
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
    O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
    O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
    O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
    O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
    O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
    O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

    --
    End of file - 11470 bytes

    Rapport fait à 18:28:07,15 le 25/06/2007

    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 7C78-46A5

    R‚pertoire de C:\Documents and Settings\All Users\Application Data

    25/05/2007 18:13 <REP> Spybot - Search & Destroy
    17/05/2007 22:55 1755 QTSBandwidthCache
    15/05/2007 18:20 <REP> Microsoft Games
    05/05/2007 22:18 <REP> McAfee
    05/05/2007 22:18 <REP> SiteAdvisor
    11/03/2007 02:43 <REP> TEMP
    10/01/2007 23:00 <REP> Skype
    09/01/2007 23:27 <REP> Messenger Plus!
    31/12/2006 19:59 <REP> Google
    26/12/2006 22:26 <REP> ErrorSkipHeckSign
    23/12/2006 13:52 <REP> Windows Genuine Advantage
    23/12/2006 04:20 <REP> .
    23/12/2006 04:20 <REP> ..
    30/06/2006 04:06 <REP> Microsoft
    30/06/2006 04:06 <REP> CyberLink
    30/06/2006 04:06 <REP> Apple Computer
    30/06/2006 04:06 <REP> Adobe
    26/10/2005 05:40 62 desktop.ini
    2 fichier(s) 1817 octets
    16 R‚p(s) 99553431552 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 7C78-46A5

    R‚pertoire de C:\Documents and Settings\Default User\Application Data

    23/12/2006 04:20 <REP> ..
    23/12/2006 04:20 <REP> .
    22/12/2006 19:30 <REP> Adobe
    22/12/2006 19:30 <REP> Apple Computer
    22/12/2006 19:30 <REP> CyberLink
    22/12/2006 19:30 <REP> SampleView
    30/06/2006 04:06 <REP> Microsoft
    30/06/2006 04:06 <REP> Identities
    26/10/2005 05:40 62 desktop.ini
    1 fichier(s) 62 octets
    8 R‚p(s) 99553431552 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 7C78-46A5

    R‚pertoire de C:\Documents and Settings\Quantin\Application Data

    19/05/2007 16:01 <REP> Atari
    15/05/2007 17:44 <REP> Microsoft Games
    05/05/2007 22:18 <REP> SiteAdvisor
    04/05/2007 23:08 <REP> Talkback
    06/04/2007 14:52 <REP> Mozilla
    06/04/2007 14:45 <REP> SecondLife
    20/03/2007 22:32 <REP> Screenshot Sender
    06/02/2007 20:59 <REP> OpenOffice.org2
    06/02/2007 14:17 <REP> ATI
    31/01/2007 01:07 <REP> Help
    30/01/2007 23:36 2171 QuickZip45.ini
    28/01/2007 15:08 <REP> Reallusion
    27/01/2007 23:47 <REP> MessengerSkinner
    23/01/2007 22:18 24 fc_location.txt
    21/01/2007 21:18 <REP> MSNInstaller
    10/01/2007 23:00 <REP> Skype
    05/01/2007 22:44 <REP> teamspeak2
    31/12/2006 19:58 <REP> Sun
    31/12/2006 19:57 <REP> Google
    26/12/2006 22:26 <REP> Coalgreatsave
    23/12/2006 23:05 <REP> BitTorrent
    23/12/2006 16:24 <REP> Macromedia
    23/12/2006 11:07 <REP> InstallShield
    22/12/2006 19:36 <REP> AdobeUM
    22/12/2006 19:32 62 desktop.ini
    22/12/2006 19:32 <REP> Adobe
    22/12/2006 19:32 <REP> Apple Computer
    22/12/2006 19:32 <REP> CyberLink
    22/12/2006 19:32 <REP> Identities
    22/12/2006 19:32 <REP> Microsoft
    22/12/2006 19:32 <REP> SampleView
    22/12/2006 19:32 <REP> ..
    22/12/2006 19:32 <REP> .
    3 fichier(s) 2257 octets
    30 R‚p(s) 99553431552 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 7C78-46A5

    R‚pertoire de C:\Documents and Settings\system

    ******************************************
    Recherche des taches planifiées dans C:\WINDOWS\tasks

    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 7C78-46A5

    R‚pertoire de C:\WINDOWS\Tasks

    27/03/2007 23:51 284 AppleSoftwareUpdate.job
    26/02/2007 20:03 272 A90FDD5391845603.job
    30/06/2006 04:05 <REP> ..
    30/06/2006 04:05 <REP> .
    26/10/2005 10:52 6 SA.DAT
    26/10/2005 05:33 65 desktop.ini
    4 fichier(s) 627 octets
    2 R‚p(s) 99ÿ553ÿ427ÿ456 octets libres

    ******************************************
    Listing des dossiers dans C:\Program Files

    3DO
    Adobe
    Adverts
    Alwil Software
    Antipub
    Apple Software Update
    Atari
    ATI Technologies
    AV Vcs 5.5 DIAMOND
    Browster
    Coalgreatsave
    ComPlus Applications
    CONEXANT
    CyberLink
    DaftTV
    Diablo II
    directx
    Fichiers communs
    Google
    Hercules
    Internet Explorer
    Internet Radio
    InternetGameBox
    iPod
    iTunes
    Java
    JCA2000
    Lavalys
    Messenger
    Messenger Plus! Live
    MessengerSkinner
    microsoft frontpage
    Microsoft Games
    Movie Maker
    Mozilla Firefox
    MSN
    MSN Gaming Zone
    MSN Messenger
    NetMeeting
    Online Services
    OpenOffice.org 2.1
    otron.net
    Outlook Express
    QuickTime
    Realtek AC97
    Services en ligne
    SiteAdvisor
    Skype
    Spybot - Search & Destroy
    Teamspeak2_RC2
    TrackMania Nations ESWC
    Trust
    Valve
    VIA
    VirtualDJ
    Warcraft III
    Windows Media Connect 2
    Windows Media Player
    Windows NT
    WinRAR
    World of Warcraft
    WowCartographe
    xerox
    ******************************************
    Recherche des dossiers/fichiers LOP

    C:\Program Files\Adverts Présent !
    C:\WINDOWS\tasks\A90FDD5391845603.job Présent !
    ******************************************
    Recherche d'infections connues

    C:\WINDOWS\System32\Nvs2.inf Egdaccess possible !
    ******************************************
    Vérification du fichier HOSTS

    Fichier Hosts : Propre
    *************** Fin du Rapport - Version 0.9 ****************

    Re,

    Télécharge Navilog1.exe (IL-MAFIOSO)
    Enregistre-le sur ton Bureau.
    Lance l'installation en double cliquant sur navilog.exe.
    Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
    (Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)

    Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
    [#ff0000]! N'utilise pas l'option 2, 3 et 4 sans notre accord ![/#f]
    Patiente jusqu'à l'apparition de ce message :
    "*** Analyse Termine le ..... ***"
    Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :

    -> Edition / Sélectionner tout
    -> Edition / Copier
    -> Clique-Droit / Coller dans ta réponse


    NOTE : Le rapport se trouve également ici : C:\fixnavi.txt

    Rapport fait à 18:28:07,15 le 25/06/2007

    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 7C78-46A5

    R‚pertoire de C:\Documents and Settings\All Users\Application Data

    25/05/2007 18:13 <REP> Spybot - Search & Destroy
    17/05/2007 22:55 1755 QTSBandwidthCache
    15/05/2007 18:20 <REP> Microsoft Games
    05/05/2007 22:18 <REP> McAfee
    05/05/2007 22:18 <REP> SiteAdvisor
    11/03/2007 02:43 <REP> TEMP
    10/01/2007 23:00 <REP> Skype
    09/01/2007 23:27 <REP> Messenger Plus!
    31/12/2006 19:59 <REP> Google
    26/12/2006 22:26 <REP> ErrorSkipHeckSign
    23/12/2006 13:52 <REP> Windows Genuine Advantage
    23/12/2006 04:20 <REP> .
    23/12/2006 04:20 <REP> ..
    30/06/2006 04:06 <REP> Microsoft
    30/06/2006 04:06 <REP> CyberLink
    30/06/2006 04:06 <REP> Apple Computer
    30/06/2006 04:06 <REP> Adobe
    26/10/2005 05:40 62 desktop.ini
    2 fichier(s) 1817 octets
    16 R‚p(s) 99553431552 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 7C78-46A5

    R‚pertoire de C:\Documents and Settings\Default User\Application Data

    23/12/2006 04:20 <REP> ..
    23/12/2006 04:20 <REP> .
    22/12/2006 19:30 <REP> Adobe
    22/12/2006 19:30 <REP> Apple Computer
    22/12/2006 19:30 <REP> CyberLink
    22/12/2006 19:30 <REP> SampleView
    30/06/2006 04:06 <REP> Microsoft
    30/06/2006 04:06 <REP> Identities
    26/10/2005 05:40 62 desktop.ini
    1 fichier(s) 62 octets
    8 R‚p(s) 99553431552 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 7C78-46A5

    R‚pertoire de C:\Documents and Settings\Quantin\Application Data

    19/05/2007 16:01 <REP> Atari
    15/05/2007 17:44 <REP> Microsoft Games
    05/05/2007 22:18 <REP> SiteAdvisor
    04/05/2007 23:08 <REP> Talkback
    06/04/2007 14:52 <REP> Mozilla
    06/04/2007 14:45 <REP> SecondLife
    20/03/2007 22:32 <REP> Screenshot Sender
    06/02/2007 20:59 <REP> OpenOffice.org2
    06/02/2007 14:17 <REP> ATI
    31/01/2007 01:07 <REP> Help
    30/01/2007 23:36 2171 QuickZip45.ini
    28/01/2007 15:08 <REP> Reallusion
    27/01/2007 23:47 <REP> MessengerSkinner
    23/01/2007 22:18 24 fc_location.txt
    21/01/2007 21:18 <REP> MSNInstaller
    10/01/2007 23:00 <REP> Skype
    05/01/2007 22:44 <REP> teamspeak2
    31/12/2006 19:58 <REP> Sun
    31/12/2006 19:57 <REP> Google
    26/12/2006 22:26 <REP> Coalgreatsave
    23/12/2006 23:05 <REP> BitTorrent
    23/12/2006 16:24 <REP> Macromedia
    23/12/2006 11:07 <REP> InstallShield
    22/12/2006 19:36 <REP> AdobeUM
    22/12/2006 19:32 62 desktop.ini
    22/12/2006 19:32 <REP> Adobe
    22/12/2006 19:32 <REP> Apple Computer
    22/12/2006 19:32 <REP> CyberLink
    22/12/2006 19:32 <REP> Identities
    22/12/2006 19:32 <REP> Microsoft
    22/12/2006 19:32 <REP> SampleView
    22/12/2006 19:32 <REP> ..
    22/12/2006 19:32 <REP> .
    3 fichier(s) 2257 octets
    30 R‚p(s) 99553431552 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 7C78-46A5

    R‚pertoire de C:\Documents and Settings\system

    ******************************************
    Recherche des taches planifiées dans C:\WINDOWS\tasks

    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 7C78-46A5

    R‚pertoire de C:\WINDOWS\Tasks

    27/03/2007 23:51 284 AppleSoftwareUpdate.job
    26/02/2007 20:03 272 A90FDD5391845603.job
    30/06/2006 04:05 <REP> ..
    30/06/2006 04:05 <REP> .
    26/10/2005 10:52 6 SA.DAT
    26/10/2005 05:33 65 desktop.ini
    4 fichier(s) 627 octets
    2 R‚p(s) 99ÿ553ÿ427ÿ456 octets libres

    ******************************************
    Listing des dossiers dans C:\Program Files

    3DO
    Adobe
    Adverts
    Alwil Software
    Antipub
    Apple Software Update
    Atari
    ATI Technologies
    AV Vcs 5.5 DIAMOND
    Browster
    Coalgreatsave
    ComPlus Applications
    CONEXANT
    CyberLink
    DaftTV
    Diablo II
    directx
    Fichiers communs
    Google
    Hercules
    Internet Explorer
    Internet Radio
    InternetGameBox
    iPod
    iTunes
    Java
    JCA2000
    Lavalys
    Messenger
    Messenger Plus! Live
    MessengerSkinner
    microsoft frontpage
    Microsoft Games
    Movie Maker
    Mozilla Firefox
    MSN
    MSN Gaming Zone
    MSN Messenger
    NetMeeting
    Online Services
    OpenOffice.org 2.1
    otron.net
    Outlook Express
    QuickTime
    Realtek AC97
    Services en ligne
    SiteAdvisor
    Skype
    Spybot - Search & Destroy
    Teamspeak2_RC2
    TrackMania Nations ESWC
    Trust
    Valve
    VIA
    VirtualDJ
    Warcraft III
    Windows Media Connect 2
    Windows Media Player
    Windows NT
    WinRAR
    World of Warcraft
    WowCartographe
    xerox
    ******************************************
    Recherche des dossiers/fichiers LOP

    C:\Program Files\Adverts Présent !
    C:\WINDOWS\tasks\A90FDD5391845603.job Présent !
    ******************************************
    Recherche d'infections connues

    C:\WINDOWS\System32\Nvs2.inf Egdaccess possible !
    ******************************************
    Vérification du fichier HOSTS

    Fichier Hosts : Propre
    *************** Fin du Rapport - Version 0.9 ****************

    A oups mais j'ai posté celui qui c'est affiché tanpis de toute façon il ma dit que sa allais mieu donc c'est pas grave.Merci.

    Mais j'aurais une question mon pc est louche depuis quelque temps,tu aurais pas une solution de verifier apart un scan avec mon antivirus?

    Ok cette aprem je vais voir chez mon ami pour faire l'étape que j'ai zappé mais pourtant j'ai eu un rapport et je les mis bizar bref je verais chez lui.

    Je vais juste te poster mon scan hijackthis et dit moi si il y'a quelque chose de louche.

    merci.

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 12:27:12, on 26/06/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\momo\Bureau\HiJackThis_v2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: (no name) - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - (no file)
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?0b23295e3ca04d43b2c4210580043c9e
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?0b23295e3ca04d43b2c4210580043c9e
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
    O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
    O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
    O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
    O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
    O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe

    --
    End of file - 8548 bytes

    Mais tu n'a pas compris hier soir j'étais chez un ami qui avais des virus et la je ne suis plus chez lui donc je ne peut pas te donner son rapport navilog.

    A moin que c'est moi qui n'a pas compris et que tu veut le rapport navilog de mon pc.
    Lassé par la pub ? Créez un compte
    Tom's guide dans le monde