Bonjour,

J'ai surement un problème de virus...
Mon antivirus, antivir se désactive tout seul de temps en temps alors je suis obligé de le réinstaller...

Voilà mon rapport hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:47:49, on 27/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\vssvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Thomas\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "C:\WINDOWS\is-8CRT1.exe" /REG
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe

--
End of file - 4405 bytes


Se fichier:C:\WINDOWS\is-8CRT1.exe à été analysé sur virus total et panda l'a détecté comme " suspect "

Ais-je des virus ?

A+
Merci

Ok je vais l'envoyer.
Le scan ne signale aucun virus.

Que dois-je faire à part ca ?

J'ai envoyé mais il m'a demandé de créer un compte donc je ne sais si c'est ok ?

Je ne trouve pas le fichier et même si je colle la ligne que tu m'as donné il me dis que 0bytes n'as été envoyé

Merci

dsl pour le retard je n'étais pas chez moi.

Merci voilà:

Main.txt

Deckard's System Scanner v20071014.68
Run by Thomas on 2008-07-31 21:52:14
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


Backed up registry hives.
Performed disk cleanup.

[color=red]Percentage of Memory in Use: 89% (more than 75%).[/color]
[color=red]Total Physical Memory: 448 MiB (512 MiB recommended).[/color]


-- HijackThis (run as Thomas.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:56:16, on 31/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\vssvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Thomas\Bureau\dss.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Deckard\SYSTEM~1\backup\DOCUME~1\Thomas\Bureau\Thomas.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe

--
End of file - 4151 bytes

-- File Associations -----------------------------------------------------------

[COLOR=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/COLOR]
[COLOR=red].cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*[/COLOR]
[COLOR=red].reg - regfile - shell\open\command - regedit.exe "%1" %*[/COLOR]
[COLOR=red].scr - scrfile - shell\open\command - "%1" %*[/COLOR]


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 sfsync02 (StarForce Protection Synchronization Driver (version 2.x)) - c:\windows\system32\drivers\sfsync02.sys <Not Verified; Protection Technology; StarForce Protection System>

S2 npkcrypt - c:\program files\nexon\europemaplestory\npkcrypt.sys (file missing)
S3 EagleNT - c:\windows\system32\drivers\eaglent.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AntiVirScheduler (Avira AntiVir Personal – Free Antivirus Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Fingerprint Sensor
Device ID: USB\VID_08FF&PID_2580\5&3A73E780&0&1
Manufacturer:
Name: Fingerprint Sensor
PNP Device ID: USB\VID_08FF&PID_2580\5&3A73E780&0&1
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Contrôleur de bus USB
Device ID: PCI\VEN_1002&DEV_4386&SUBSYS_30C2103C&REV_00\3&61AAA01&0&9D
Manufacturer:
Name: Contrôleur de bus USB
PNP Device ID: PCI\VEN_1002&DEV_4386&SUBSYS_30C2103C&REV_00\3&61AAA01&0&9D
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\IFX0102\4&2C4C3B2A&0
Manufacturer:
Name:
PNP Device ID: ACPI\IFX0102\4&2C4C3B2A&0
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\HPQ0004\3&61AAA01&0
Manufacturer:
Name:
PNP Device ID: ACPI\HPQ0004\3&61AAA01&0
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\HPQ0006\2&DABA3FF&0
Manufacturer:
Name:
PNP Device ID: ACPI\HPQ0006\2&DABA3FF&0
Service:


-- Files created between 2008-06-30 and 2008-07-31 -----------------------------

2008-07-31 21:53:32 0 d-------- C:\Documents and Settings\Thomas\plugtmp
2008-07-31 21:53:14 0 d-------- C:\Documents and Settings\Thomas\MessengerCache
2008-07-31 21:52:13 0 d--h----- C:\Documents and Settings\Thomas\~emnosto.tmp
2008-07-31 20:51:03 0 d-------- C:\downloads
2008-07-31 20:51:03 0 d-------- C:\Documents and Settings\Thomas\Application Data\FMZilla
2008-07-31 20:49:40 0 d-------- C:\Program Files\Free Music Zilla
2008-07-31 19:37:50 0 --a-----t C:\Documents and Settings\LocalService\etilqs_oyrEYGELYYXPHqa
2008-07-31 19:37:50 512 --a-----t C:\Documents and Settings\LocalService\etilqs_6rZWs6mdlxBoqUZ-journal
2008-07-31 13:33:24 0 d---s---- C:\Documents and Settings\Thomas\Cookies
2008-07-30 20:29:33 82944 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-07-30 20:29:33 81920 --a------ C:\WINDOWS\system32\404Fix.exe <Not Verified; S!Ri.URZ; 404Fix>
2008-07-29 22:56:47 0 dr-h----- C:\Documents and Settings\Thomas\Recent
2008-07-27 11:33:05 0 d-------- C:\Program Files\Avira
2008-07-26 13:56:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-07-26 12:30:53 0 d-------- C:\WINDOWS\system32\NtmsData
2008-07-25 13:41:16 4980736 --a------ C:\Documents and Settings\Thomas\ntuser.dat
2008-07-22 11:58:36 0 d-------- C:\Documents and Settings\Thomas\Application Data\Groove Games
2008-07-20 15:52:16 0 d-------- C:\Documents and Settings\Thomas\Application Data\dvdcss
2008-07-19 13:45:48 0 d-------- C:\Documents and Settings\Thomas\Application Data\Ahead
2008-07-19 13:42:49 155648 -ra------ C:\WINDOWS\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck>
2008-07-19 13:40:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2008-07-19 13:40:10 106496 -ra------ C:\WINDOWS\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20>
2008-07-19 13:40:10 38912 -ra------ C:\WINDOWS\system32\picn20.dll <Not Verified; Pegasus Imaging Corp.; PEGASUS>
2008-07-19 13:40:10 544768 -ra------ C:\WINDOWS\system32\imagx5.dll <Not Verified; Pegasus Software, LLC; ImagXpress>
2008-07-19 13:40:09 569344 -ra------ C:\WINDOWS\system32\imagr5.dll <Not Verified; Pegasus Software,LLC; ImagXpress>
2008-07-19 13:40:07 0 d-------- C:\Program Files\Fichiers communs\Ahead
2008-07-19 13:40:01 0 d-------- C:\Program Files\Ahead
2008-07-17 18:41:50 0 d-------- C:\Program Files\Ubisoft
2008-07-15 12:00:37 0 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-07-15 12:00:21 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-07-15 11:59:52 11264 --a------ C:\WINDOWS\system32\SpOrder.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2008-07-15 11:57:16 0 d-------- C:\WINDOWS\Internet Logs
2008-07-14 22:10:49 0 d-------- C:\Documents and Settings\Thomas\Application Data\Malwarebytes
2008-07-14 22:10:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-14 22:10:45 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-14 14:19:34 0 d-------- C:\Program Files\Sports Interactive
2008-07-14 09:59:30 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-07-14 09:59:30 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-07-14 09:59:30 86528 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-07-14 09:59:30 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-07-14 09:59:30 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-07-14 09:59:30 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-07-13 23:22:01 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-12 20:27:26 0 d--h----- C:\WINDOWS\$hf_mig$
2008-07-01 17:31:21 0 d-------- C:\Program Files\Astase
2008-06-30 18:28:23 68096 --a------ C:\WINDOWS\zip.exe
2008-06-30 18:28:23 49152 --a------ C:\WINDOWS\VFind.exe
2008-06-30 18:28:23 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-06-30 18:28:23 98816 --a------ C:\WINDOWS\sed.exe
2008-06-30 18:28:23 80412 --a------ C:\WINDOWS\grep.exe
2008-06-30 18:28:23 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-06-30 18:28:22 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-06-30 18:28:22 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-06-30 16:50:58 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-06-30 12:46:01 0 d-------- C:\Program Files\CCleaner


-- Find3M Report ---------------------------------------------------------------

2008-07-31 21:52:52 0 d-------- C:\Documents and Settings\Thomas\Application Data\Mozilla
2008-07-31 19:10:15 0 d-------- C:\Program Files\e-anim
2008-07-31 13:31:10 0 d-------- C:\Program Files\7-Zip
2008-07-19 19:05:08 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-19 13:40:07 0 d-------- C:\Program Files\Fichiers communs
2008-07-19 10:25:02 0 d-------- C:\Program Files\Java
2008-07-13 11:53:45 713728 --a------ C:\WINDOWS\system32\opengl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-04 23:07:26 0 d-------- C:\Program Files\RegSeeker
2008-07-01 08:42:20 0 -r-hs---- C:\config.sys
2008-06-27 23:09:18 0 d-------- C:\Program Files\PC Inspector File Recovery
2008-06-26 23:11:16 0 d-------- C:\Documents and Settings\Thomas\Application Data\Adobe
2008-06-26 23:10:16 0 d-------- C:\Program Files\Fichiers communs\Adobe
2008-06-25 17:34:41 0 d-------- C:\Program Files\AusLogics Disk Defrag
2008-06-23 19:35:00 0 d--h----- C:\Program Files\WindowsUpdate
2008-06-23 18:53:14 0 d-------- C:\Program Files\Movie Maker
2008-06-23 18:49:11 0 d-------- C:\Program Files\Windows NT
2008-06-23 10:48:39 0 d-------- C:\Program Files\VideoLAN
2008-06-23 09:29:06 0 d-------- C:\Documents and Settings\Thomas\Application Data\gtk-2.0
2008-06-20 20:33:06 0 d-------- C:\Program Files\Fichiers communs\InstallShield
2008-06-20 15:21:45 0 d-------- C:\Program Files\ATI Technologies
2008-06-20 13:24:37 0 d-------- C:\Documents and Settings\Thomas\Application Data\Macromedia
2008-06-20 09:25:10 0 d-------- C:\Program Files\Analog Devices
2008-06-20 09:16:42 0 d-------- C:\Program Files\Hewlett-Packard
2008-06-20 09:02:45 0 d-------- C:\Program Files\Common Files
2008-06-20 09:00:22 0 d-------- C:\Documents and Settings\Thomas\Application Data\ATI
2008-06-20 08:59:57 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-06-20 08:46:30 0 d-------- C:\Program Files\Microsoft Visual Studio .NET
2008-06-19 22:52:27 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-19 21:18:36 2925 --a------ C:\WINDOWS\mozver.dat
2008-06-19 21:16:38 0 d-------- C:\Program Files\Messenger Plus! Live
2008-06-19 21:12:36 0 d-------- C:\Program Files\Windows Live
2008-06-19 21:12:19 0 d--hs--c- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-06-19 21:02:19 0 d-------- C:\Program Files\OOoHG
2008-06-19 21:00:19 0 d-------- C:\Program Files\OpenOffice.org 2.1
2008-06-19 20:58:01 0 d-------- C:\Program Files\Fichiers communs\Java
2008-06-19 20:53:47 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-19 20:23:31 0 d-------- C:\Program Files\Broadcom
2008-06-19 20:23:28 0 d-------- C:\Documents and Settings\Thomas\Application Data\InstallShield
2008-06-19 20:18:02 0 d-------- C:\Program Files\Drivers
2008-06-19 20:02:29 0 d-------- C:\Program Files\Fichiers communs\ODBC
2008-06-19 20:02:26 0 d-------- C:\Program Files\Fichiers communs\SpeechEngines
2008-06-19 19:29:01 0 d-------- C:\Program Files\Inventel
2008-06-19 19:29:00 278528 --a------ C:\Program Files\Fichiers communs\FDEUnInstaller.exe <Not Verified; ; FDEUninstaller>
2008-06-19 19:18:37 0 d-------- C:\Documents and Settings\Thomas\Application Data\Identities
2008-06-19 19:11:57 0 d-------- C:\Program Files\microsoft frontpage
2008-06-19 19:11:38 0 -rahs---- C:\MSDOS.SYS
2008-06-19 19:11:38 0 -rahs---- C:\IO.SYS
2008-06-19 19:10:27 0 d-------- C:\Program Files\Services en ligne
2008-06-19 19:09:12 0 d-------- C:\Program Files\Fichiers communs\MSSoap
2008-06-19 19:08:40 21892 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-06-19 19:07:58 0 d-------- C:\Program Files\MSN Gaming Zone
2008-06-02 21:05:00 593920 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [10/11/2006 12:35]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [05/01/2007 22:36]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [10/06/2008 04:27]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [12/02/2008 10:06]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=0100000000000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Thomas^Menu Démarrer^Programmes^Démarrage^Raccourci vers Nett_auto_user.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc

*Newly Created Service* - USNJSVC



-- End of Deckard's System Scanner: finished at 2008-07-31 21:57:07 ------------

Ce n'est pas ça ?

Il n'est pas présent.

C'est pareil