Antimalware Doctor blocks everything
Hello,
Let me explain my problem: until now I was using the Windows Firewall, and since yesterday I've caught a nasty virus, "Antimalware Doctor". It blocks absolutely everything on my computer, including my connection (which is why I'm writing to you from another computer).
I did still manage to get into safe mode with networking.
From there I ran a scan with Avira AntiVir with the latest update; it did detect and delete the infections, but that didn't solve the problem. Then I ran a scan with Malwarebytes, also updated; it also found infections, which it deleted, and the virus still persists. I also tried Rkill and it does nothing.
Could someone guide me through cleaning up this s***?
I should add that even in safe mode with networking I can't reach any web page. I also checked Add/Remove Programs in the Control Panel: Antimalware Doctor does appear there, and I also noticed that if I click to remove it, the virus starts up and a window appears with the supposed scan and the viruses my computer supposedly contains. I can close that window by killing the process "NEWSECURE APP 70700".
There, I hope I'm giving you precise enough information to fix this problem. If you need reports, tell me which program to use, with links if possible.
Thanks in advance.
Good evening,
Yes, you were very clear.
Disable your antivirus and any other kind of protection.
Download ComboFix by sUBs:
ComboFix.exe
and save it to your desktop and nowhere else!
Double-click ComboFix. It will ask you a question; follow the prompts, then wait until ComboFix has finished. Your PC may reboot, that's normal. A report will be created. Post the report: C:\Combofix.txt
Click on it to open it, then Edit "Select All", Edit "Copy",
come back to the forum and Edit "Paste".
HELP: A guide and tutorial on using ComboFix
* the partition name may differ
Here is the ComboFix report
ComboFix 10-08-17.04 - fabrizio 18/08/2010 22:42:10.1.2 - x86 MINIMAL
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.2047.1788 [GMT 2:00]
Lancé depuis: c:\documents and settings\fabrizio\Bureau\Netoyage\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\fabrizio\Application Data\F2733DC2FACDF94F85EEEB8CEA93AF5C
c:\documents and settings\fabrizio\Application Data\F2733DC2FACDF94F85EEEB8CEA93AF5C\enemies-names.txt
c:\documents and settings\fabrizio\Application Data\F2733DC2FACDF94F85EEEB8CEA93AF5C\local.ini
c:\documents and settings\fabrizio\Application Data\F2733DC2FACDF94F85EEEB8CEA93AF5C\lsrslt.ini
c:\documents and settings\fabrizio\Application Data\F2733DC2FACDF94F85EEEB8CEA93AF5C\newsecureapp70700.exe
c:\documents and settings\fabrizio\Application Data\GabPath
c:\documents and settings\fabrizio\Application Data\GabPath\config.cfg
c:\documents and settings\fabrizio\Application Data\GabPath\gabpath.exe
c:\documents and settings\fabrizio\Application Data\GabPath\GPUninstall.exe
c:\documents and settings\fabrizio\Application Data\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
c:\documents and settings\fabrizio\Application Data\ohydy.exe
c:\documents and settings\fabrizio\Local Settings\Application Data\iufbdxeil
c:\documents and settings\fabrizio\Local Settings\Application Data\iufbdxeil\oppmhclshdw.exe
c:\documents and settings\fabrizio\Local Settings\Application Data\Windows Server
c:\documents and settings\fabrizio\Local Settings\Application Data\Windows Server\admin.txt
c:\documents and settings\fabrizio\Local Settings\Application Data\Windows Server\flags.ini
c:\documents and settings\fabrizio\Local Settings\Application Data\Windows Server\server.dat
c:\documents and settings\fabrizio\Local Settings\Application Data\Windows Server\uses32.dat
c:\documents and settings\fabrizio\x.exe
c:\windows\egiyoqeviwe.dll
c:\windows\sdstsvr.dll
c:\windows\system32\drivers\ndisrd.sys
c:\windows\system32\dumphive.exe
c:\windows\system32\msrun.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
c:\windows\explorer.exe . . . est infecté!!
c:\windows\system32\winlogon.exe . . . est infecté!!
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SSHNAS
((((((((((((((((((((((((((((( Fichiers créés du 2010-07-18 au 2010-08-18 ))))))))))))))))))))))))))))))))))))
.
2010-08-18 15:38 . 2010-08-18 20:52 783872 ----a-w- c:\windows\system32\drivers\sodlx.sys
2010-08-18 12:47 . 2010-08-18 12:47 -------- d-----w- c:\windows\system32\LogFiles
2010-08-18 08:05 . 2010-08-18 08:05 219648 ----a-w- c:\windows\Fzokua.exe
2010-08-16 22:06 . 2010-08-16 22:06 -------- d-----w- c:\documents and settings\fabrizio\Application Data\Command and Conquer 4
2010-08-15 20:23 . 2010-08-15 21:42 -------- d-----w- c:\documents and settings\fabrizio\Local Settings\Application Data\id Software
2010-08-15 20:09 . 2010-08-15 20:09 -------- d-----w- c:\program files\Activision
2010-08-15 20:08 . 2010-08-15 20:08 -------- d-sh--w- c:\windows\ftpcache
2010-08-15 20:02 . 2010-08-15 20:02 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-08-15 20:02 . 2010-08-15 20:08 -------- d-----w- c:\documents and settings\fabrizio\Application Data\DAEMON Tools Lite
2010-08-15 20:02 . 2010-08-15 20:02 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2010-08-15 15:02 . 2010-08-15 15:02 -------- d-----w- c:\documents and settings\fabrizio\Application Data\NVIDIA
2010-08-14 21:57 . 2010-08-14 21:57 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-08-14 21:57 . 2010-08-14 21:57 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-08-14 21:57 . 2010-08-14 21:57 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-08-14 21:57 . 2010-08-14 21:57 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-08-14 21:57 . 2010-08-14 21:57 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-14 21:56 . 2010-07-09 22:38 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-08-14 21:56 . 2010-07-09 22:38 2914408 ----a-w- c:\windows\system32\nvcuvid.dll
2010-08-14 21:56 . 2010-07-09 22:38 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-08-14 21:56 . 2010-07-09 22:38 4595712 ----a-w- c:\windows\system32\nvcuda.dll
2010-08-14 21:56 . 2010-07-09 22:38 2195030 ----a-w- c:\windows\system32\nvdata.bin
2010-08-14 21:56 . 2010-07-09 22:38 10260480 ----a-w- c:\windows\system32\nvcompiler.dll
2010-08-14 21:56 . 2010-08-14 21:56 -------- d-----w- C:\NVIDIA
2010-08-14 15:55 . 2010-07-06 12:12 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-08-14 15:55 . 2010-07-06 12:07 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-08-14 15:54 . 2010-08-14 15:54 -------- d-----w- c:\documents and settings\fabrizio\Application Data\TuneUp Software
2010-08-14 15:54 . 2010-08-14 15:55 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-08-14 15:54 . 2010-08-14 15:54 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2010-08-14 15:54 . 2010-08-14 15:54 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-08-14 15:34 . 2010-08-14 15:34 -------- d-----w- c:\program files\CCleaner
2010-08-13 22:40 . 2010-08-12 22:59 57608 ----a-w- c:\documents and settings\All Users\Application Data\ResultDns\resultdns111.exe
2010-08-13 22:38 . 2010-08-13 22:44 -------- d-----w- c:\program files\ResultDns
2010-08-13 22:38 . 2010-08-13 22:40 -------- d-----w- c:\documents and settings\All Users\Application Data\ResultDns
2010-08-13 22:08 . 2010-08-13 22:09 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Temp
2010-07-23 21:55 . 2009-11-06 05:04 10377728 ----a-w- c:\documents and settings\fabrizio\Application Data\CocoonSoftware\QMC\ffmpeg.exe
2010-07-23 21:55 . 2008-04-02 10:35 7945216 ----a-w- c:\documents and settings\fabrizio\Application Data\CocoonSoftware\QMC\ffmpegHD.exe
2010-07-23 21:55 . 2010-07-23 21:55 -------- d-----w- c:\documents and settings\All Users\Application Data\QuickMediaConverter
2010-07-23 21:54 . 2010-07-23 21:54 -------- d-----w- c:\documents and settings\fabrizio\Application Data\CocoonSoftware
2010-07-23 21:54 . 2010-07-23 21:54 -------- d-----w- c:\documents and settings\fabrizio\Local Settings\Application Data\WDSetup
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-18 19:54 . 2010-03-29 14:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-08-18 17:19 . 2010-03-30 16:11 -------- d-----w- c:\program files\Steam
2010-08-18 16:03 . 2010-03-29 14:59 -------- d-----w- c:\documents and settings\fabrizio\Application Data\vlc
2010-08-18 15:59 . 2010-04-08 11:32 -------- d-----w- c:\documents and settings\fabrizio\Application Data\Winamp
2010-08-18 15:43 . 2006-03-02 12:00 211072 ----a-w- c:\windows\system32\drivers\ndis.sys
2010-08-18 13:49 . 2010-03-29 13:05 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2010-08-18 11:30 . 2010-04-01 15:17 -------- d-----w- c:\documents and settings\fabrizio\Application Data\uTorrent
2010-08-17 20:56 . 2010-07-09 18:11 -------- d-----w- c:\program files\Electronic Arts
2010-08-17 20:41 . 2010-03-29 19:58 -------- d-----w- c:\documents and settings\fabrizio\Application Data\Apple Computer
2010-08-16 21:32 . 2010-03-29 12:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-16 21:11 . 2010-04-02 10:20 -------- d-----w- c:\program files\Mount&Blade Warband
2010-08-15 20:02 . 2010-03-30 16:09 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-08-14 22:02 . 2010-03-30 16:09 -------- d-----w- c:\documents and settings\fabrizio\Application Data\DAEMON Tools
2010-08-14 21:58 . 2010-06-11 22:25 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2010-08-13 23:31 . 2010-05-12 12:46 0 ----a-w- c:\windows\system32\Access.dat
2010-07-23 21:54 . 2010-03-31 20:11 -------- d-----w- c:\program files\QuickMediaConverter
2010-07-17 21:06 . 2010-03-29 20:24 -------- d-----w- c:\documents and settings\fabrizio\Application Data\dvdcss
2010-07-09 22:38 . 2010-03-29 13:04 604776 ----a-w- c:\windows\system32\nvudisp.exe
2010-07-09 22:38 . 2007-06-28 16:43 6343040 ----a-w- c:\windows\system32\nv4_disp.dll
2010-07-09 22:38 . 2007-06-28 16:43 236136 ----a-w- c:\windows\system32\nvcodins.dll
2010-07-09 22:38 . 2007-06-28 16:43 236136 ----a-w- c:\windows\system32\nvcod.dll
2010-07-09 22:38 . 2007-06-28 16:43 1388544 ----a-w- c:\windows\system32\nvapi.dll
2010-07-09 22:38 . 2007-06-28 16:43 13549568 ----a-w- c:\windows\system32\nvoglnt.dll
2010-07-09 22:38 . 2007-06-28 16:43 10604128 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-07-09 21:18 . 2010-07-09 21:18 -------- d-----w- c:\documents and settings\fabrizio\Application Data\La Bataille pour la Terre du Milieu ™ II
2010-07-09 15:24 . 2010-06-24 11:12 -------- d-----w- c:\program files\Virtual CD v9
2010-07-09 15:16 . 2010-06-12 21:57 -------- d-----w- c:\program files\vmntoolbar
2010-07-07 11:46 . 2010-03-29 12:45 604776 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-07-05 16:31 . 2010-07-05 12:53 -------- d-----w- c:\program files\PremiumSoft
2010-07-04 20:35 . 2010-07-04 20:35 131 ----a-w- c:\documents and settings\fabrizio\Local Settings\Application Data\fusioncache.dat
2010-07-01 18:47 . 2010-07-01 18:46 -------- d-----w- c:\program files\Micro Trivial Pursuit
2010-06-30 21:22 . 2010-06-24 18:16 -------- d-----w- c:\program files\LucasArts
2010-06-25 13:08 . 2010-06-25 12:09 -------- d-----w- c:\program files\Divinity II - Ego Draconis
2010-06-25 12:25 . 2010-06-25 12:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Divinity 2
2010-06-24 22:10 . 2006-03-02 12:00 85404 ----a-w- c:\windows\system32\perfc00C.dat
2010-06-24 22:10 . 2006-03-02 12:00 513080 ----a-w- c:\windows\system32\perfh00C.dat
2010-06-24 11:17 . 2010-06-24 11:17 -------- d-----w- c:\program files\Fichiers communs\DirectX
2010-06-22 21:09 . 2010-06-22 21:09 -------- d-----w- c:\program files\WinPcap
2010-06-21 20:40 . 2010-06-12 11:20 -------- d-----w- c:\documents and settings\fabrizio\Application Data\Sites
2010-06-14 14:30 . 2010-03-29 12:38 743936 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-11 22:25 . 2010-06-11 22:25 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-06-11 22:25 . 2010-06-11 22:25 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-06-02 02:55 . 2010-06-24 13:31 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-02 02:55 . 2010-06-24 13:31 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-02 02:55 . 2010-06-24 13:31 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-05-30 14:32 . 2010-03-29 13:07 75512 ----a-w- c:\documents and settings\fabrizio\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-26 09:41 . 2010-06-24 13:31 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-05-26 09:41 . 2010-06-24 13:31 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-05-26 09:41 . 2010-06-24 13:31 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-05-26 09:41 . 2010-06-24 13:31 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-05-26 09:41 . 2010-06-24 13:31 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-08-13 22:38 . 2010-08-13 22:38 211456 ----a-w- c:\program files\mozilla firefox\components\gpff.dll
.
------- Sigcheck -------
[-] 2010-08-18 15:43 . !HASH: COULD NOT OPEN FILE !!!!! . 211072 . . [------] . . c:\windows\system32\drivers\ndis.sys
[-] 2010-08-18 15:43 . !HASH: COULD NOT OPEN FILE !!!!! . 211072 . . [------] . . c:\windows\system32\dllcache\ndis.sys
[-] 2008-04-13 19:20 . !HASH: COULD NOT OPEN FILE !!!!! . 182656 . . [------] . . c:\windows\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\ndis.sys
[-] 2008-04-14 . DD73D6B9F6B4CB630CF35B438B540174 . 512000 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\winlogon.exe
[-] 2006-03-02 . 8427097371D511F1C83B46E7E91D314B . 506368 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . F2317622D29F9FF0F88AEECD5F60F0DD . 1037824 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\explorer.exe
[-] 2006-03-02 . 4AE82BBD878D474FA738E1462AC7E0E7 . 1036288 . . [6.00.2900.2180] . . c:\windows\explorer.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-21 925696]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-07-22 28160]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-03-30 149280]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-01-21 92168]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2008-06-10 1442888]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-13 37888]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2010-04-20 202256]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-3-29 528384]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk
backup=c:\windows\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
2007-07-12 08:03 380928 ----a-w- c:\program files\ASUS\GamerOSD\GamerOSD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-02-15 16:07 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2010-03-29 13:10 32768 ----a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2010-03-30 09:16 1820040 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-19 14:22 1667584 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 ----a-w- c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2007-08-07 00:05 200704 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 21:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Registry Cleaner Scheduler]
2004-09-25 04:13 90112 ----a-w- c:\program files\CleanMyPC\Registry Cleaner\RCScheduler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 14:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TunngleService"=2 (0x2)
"Hamachi2Svc"=2 (0x2)
"ATKKeyboardService"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Fichiers communs\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Steam\\steam.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Steam\\SteamApps\\hunter0014\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Tunngle\\TnglCtrl.exe"=
"c:\\Program Files\\Tunngle\\Tunngle.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\wamp\\bin\\apache\\Apache2.2.11\\bin\\httpd.exe"=
"c:\\Program Files\\Electronic Arts\\La Bataille pour la Terre du Milieu II\\game.dat"=
"c:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MP.exe"=
"c:\\Program Files\\Activision\\Wolfenstein\\MP\\Wolf2MPLite.exe"=
"c:\\Program Files\\Steam\\SteamApps\\hunter0014\\day of defeat source\\hl2.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15/08/2010 22:02 691696]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [29/03/2010 16:44 135336]
S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [13/05/2010 16:22 136176]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [20/10/2009 20:19 50704]
S2 ResultDns Service;ResultDns Service;c:\documents and settings\All Users\Application Data\ResultDns\resultdns111.exe [14/08/2010 0:40 57608]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [6/07/2010 14:10 1051968]
S2 wrgkmklo;IEEE-1284.4 HPZid412Support;c:\windows\System32\svchost.exe -k netsvcs [2/03/2006 14:00 14336]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [12/05/2010 14:45 27136]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [24/02/2010 14:41 10064]
S4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [30/03/2010 11:16 1107336]
S4 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [12/05/2010 14:45 679672]
--- Autres Services/Pilotes en mémoire ---
*Deregistered* - sodlx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
wrgkmklo
.
Contenu du dossier 'Tâches planifiées'
2010-07-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-13 14:22]
2010-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-13 14:22]
2010-08-18 c:\windows\Tasks\HPpromotions journeysoftware.job
- c:\program files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 15:36]
2010-08-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-790525478-842925246-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
2010-08-18 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-790525478-842925246-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://eu.ask.com?o=15780&l=dis
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:6522
IE: E&xporter vers Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\fabrizio\Application Data\Mozilla\Firefox\Profiles\00kcw5ep.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.be
FF - component: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\fabrizio\Application Data\Mozilla\plugins\np-mswmp.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-GabPath - c:\documents and settings\fabrizio\Application Data\GabPath\gabpath.exe
HKCU-Run-Mwihuwi - c:\windows\sdstsvr.dll
HKCU-Run-newsecureapp70700.exe - c:\documents and settings\fabrizio\Application Data\F2733DC2FACDF94F85EEEB8CEA93AF5C\newsecureapp70700.exe
HKCU-Run-atsohtbv - c:\documents and settings\fabrizio\Local Settings\Application Data\iufbdxeil\oppmhclshdw.exe
HKLM-Run-atsohtbv - c:\documents and settings\fabrizio\Local Settings\Application Data\iufbdxeil\oppmhclshdw.exe
AddRemove-advantage_DAEM - c:\documents and settings\fabrizio\Application Data\advantage\AdVUninst.exe
AddRemove-GabPath - c:\documents and settings\fabrizio\Application Data\GabPath\GPUninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-18 22:51
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe >>UNKNOWN [0x8A2E50E0]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf763bfc3
\Driver\ACPI -> ACPI.sys @ 0xf74a2cb8
\Driver\atapi -> atapi.sys @ 0xf78567b4
IoDeviceObjectType -> ParseProcedure -> ntoskrnl.exe @ 0x80579c89
\Device\Harddisk0\DR0 -> ParseProcedure -> ntoskrnl.exe @ 0x80579c89
user & kernel MBR OK
PE file found in sector at 0x013153ECF !
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\sodlx]
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(1812)
c:\windows\system32\msi.dll
c:\program files\Nero\Nero 7\Nero BackItUp\NBShell.dll
c:\program files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
c:\program files\WinRAR\rarext.dll
c:\program files\Avira\AntiVir Desktop\shlext.dll
c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\MFC90FRA.DLL
c:\program files\PowerISO\PWRISOSH.DLL
c:\program files\Malwarebytes' Anti-Malware\mbamext.dll
c:\windows\system32\browselc.dll
c:\windows\system32\shdoclc.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
.
Heure de fin: 2010-08-18 22:55:26 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-08-18 20:55
Avant-CF: 39.613.562.880 octets libres
Après-CF: 39.534.977.024 octets libres
- - End Of File - - C92F9EBEA698A4636F19ADFEFC4B695D
Good evening,
c:\windows\system32\winlogon.exe . . . est infecté!!
I don't think they are the only ones...
So we are going to use a tool that lets us browse your PC without running Windows. That way, after the scan, we will replace the infected files...
Download OTLPENet.
Get a blank CD ready and run OTLPENet; it will let you burn an ISO image.
Note: once the CD is burned, you need to restart the machine from the CD-ROM drive.
To do so, follow this link: Booting from a CD.
OTLPE tutorial
Start the OTLPENet ISO that you burned.
Once the reatogo desktop has loaded, launch OTLPE, the yellow icon.
Double-click the OTLPE icon.
When asked "Do you wish to load the remote registry", select Yes.
When asked "Do you wish to load remote user profile(s) for scanning", select Yes.
Check that "Automatically Load All Remaining Users" is selected and press OK.
Under the Custom Scan box:
1 Copy and paste the contents of the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
cdrom.sys
disk.sys
ndis.sys
mountmgr.sys
aec.sys
rasacd.sys
mrxsmb10.sys
mrxsmb20.sys
termdd.sys
mrxsmb.sys
win32k.sys
storport.sys
IdeChnDr.sys
viasraid.sys
explorer.exe
winlogon.exe
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT
Copy and paste this text into a text file (Notepad) that you save on a USB key; plug the key in under reatogo and you will then be able to copy and paste it easily.
2 Click Run Scan to start the scan.
Once it has finished, the file is located at C:\OTL.txt
Copy and paste its contents into your next reply.
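What the /md5start … /md5stop block in the script above asks for, as an added example (not OTL's code and not part of the original post): hash every copy of the named system files on the offline Windows volume, so that a copy that differs from its siblings stands out before any file is replaced. The function names, the shortened script excerpt and the volume root passed on the command line are assumptions.

```python
import hashlib
import os
import sys
from collections import defaultdict

# Constructed excerpt of the custom-scan script quoted in the post: only the
# names between /md5start and /md5stop are hashed, the other lines are ignored.
CUSTOM_SCAN = """\
netsvcs
%SYSTEMDRIVE%\\*.exe
/md5start
atapi.sys
ndis.sys
explorer.exe
winlogon.exe
/md5stop
%systemroot%\\system32\\drivers\\*.sys /lockedfiles
"""


def md5_targets(script):
    """Return the file names listed between /md5start and /md5stop, lower-cased."""
    names, inside = [], False
    for raw in script.splitlines():
        token = raw.strip()
        marker = token.lower()
        if marker == "/md5start":
            inside = True
        elif marker == "/md5stop":
            inside = False
        elif inside and token:
            names.append(marker)
    return names


def md5_of(path, chunk_size=1 << 20):
    """MD5 of a file, read in chunks so large files are not loaded at once."""
    digest = hashlib.md5()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest().upper()


def hash_copies(root, names):
    """Walk the offline volume and hash every file whose name is in `names`.

    Windows file names are case-insensitive, so matching is done on lower case.
    Returns {name: [(path, md5), ...]} with the copies sorted for stable output.
    """
    wanted = set(names)
    found = defaultdict(list)
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            key = fname.lower()
            if key not in wanted:
                continue
            full = os.path.join(dirpath, fname)
            try:
                found[key].append((full, md5_of(full)))
            except OSError as exc:
                # An unreadable system file on an offline volume is worth noting.
                found[key].append((full, "UNREADABLE (%s)" % exc.strerror))
    return {name: sorted(copies) for name, copies in found.items()}


def divergent(found):
    """Names whose copies do not all share one digest.

    A difference is a lead, not a verdict: a hotfix can legitimately update
    system32 while an older copy stays in ServicePackFiles. Confirm against a
    known-good file of the same OS version and service pack.
    """
    return sorted(name for name, copies in found.items()
                  if len({digest for _path, digest in copies}) > 1)


def report(root, script=CUSTOM_SCAN):
    """Build a text report: one section per requested name, then the divergent names."""
    names = md5_targets(script)
    found = hash_copies(root, names)
    lines = []
    for name in names:
        lines.append("MD5 for %s" % name)
        copies = found.get(name)
        if not copies:
            lines.append("  not found under %s" % root)
            continue
        for path, digest in copies:
            lines.append("  %s  %s" % (digest, path))
    lines.append("Copies differ: %s" % (", ".join(divergent(found)) or "none"))
    return "\n".join(lines)


if __name__ == "__main__":
    # Assumed usage: pass the root of the offline Windows volume as the argument.
    print(report(sys.argv[1] if len(sys.argv) > 1 else "."))
```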
Quote:
:\windows\explorer.exe . . . est infecté!!
c:\windows\system32\winlogon.exe . . . est infecté!!
I don't think they are the only ones...
So we are going to use a tool that lets us browse your PC without running Windows. That way, after the scan, we will replace the infected files...
Download OTLPENet.
Get a blank CD ready and run OTLPENet; it will let you burn an ISO image.
Note: once the CD is burned, you need to restart the machine from the CD-ROM drive.
To do so, follow this link: Booting from a CD.
OTLPE tutorial
Start the OTLPENet ISO that you burned.

1 Copy and paste the contents of the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
cdrom.sys
disk.sys
ndis.sys
mountmgr.sys
aec.sys
rasacd.sys
mrxsmb10.sys
mrxsmb20.sys
termdd.sys
mrxsmb.sys
win32k.sys
storport.sys
IdeChnDr.sys
viasraid.sys
explorer.exe
winlogon.exe
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT
Here is the scan report:
OTL logfile created on: 8/20/2010 12:13:58 AM - Run
OTLPE by OldTimer - Version 3.1.40.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 40.25 Gb Free Space | 27.01% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 458.07 Gb Free Space | 98.35% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 990.72 Mb Total Space | 868.91 Mb Free Space | 87.70% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet002
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto] -- C:\WINDOWS\System32\jherzqp.dll -- (wrgkmklo)
SRV - File not found [On_Demand] -- C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - File not found [Auto] -- C:\ComboFix\PEV.cfx -- (PEVSystemStart)
SRV - File not found [Disabled] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto] -- C:\DOCUME~1\fabrizio\Bureau\VPNCLI~1\INSTAL~1.EXE -- (CiscoVpnInstallService)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/08/14 11:55:13 | 000,435,008 | ---- | M] (TuneUp Software) [On_Demand] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/08/12 18:59:42 | 000,057,608 | ---- | M] () [Auto] -- C:\Documents and Settings\All Users\Application Data\ResultDns\resultdns111.exe -- (ResultDns Service)
SRV - [2010/07/06 08:10:24 | 001,051,968 | ---- | M] (TuneUp Software) [Auto] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/07/06 08:07:34 | 000,030,016 | ---- | M] (TuneUp Software) [Auto] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/04/19 11:47:48 | 000,267,432 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/04/16 02:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Disabled] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/30 05:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Disabled] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010/02/24 03:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/12/11 13:40:04 | 000,679,672 | ---- | M] (Tunngle.net GmbH) [Disabled] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2009/06/17 05:18:42 | 006,582,912 | ---- | M] () [On_Demand] -- c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe -- (wampmysqld)
SRV - [2008/12/09 19:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) [On_Demand] -- c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe -- (wampapache)
SRV - [2007/07/12 10:30:42 | 000,257,024 | ---- | M] (ASUSTeK COMPUTER INC.) [Disabled] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)
SRV - [2007/06/27 13:04:00 | 000,279,848 | ---- | M] (Nero AG) [On_Demand] -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006/12/13 20:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/13 20:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/13 19:46:16 | 000,057,344 | ---- | M] () [On_Demand] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/10/26 13:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 08:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/04/03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/09/29 06:14:36 | 000,069,632 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- C:\DOCUME~1\fabrizio\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/08/19 17:02:42 | 000,783,872 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\sodlx.sys -- (sodlx)
DRV - [2010/08/18 11:43:28 | 000,211,072 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2010/08/15 16:02:35 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/07/09 18:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010/06/11 18:25:52 | 000,281,760 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010/06/11 18:25:51 | 000,025,888 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010/03/01 03:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/24 08:41:50 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/02/16 07:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/02/03 09:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/09/16 01:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV - [2009/05/11 05:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 03:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/01/13 13:13:52 | 000,049,160 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009/01/13 13:13:44 | 000,014,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009/01/13 13:13:28 | 000,029,192 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009/01/13 13:13:20 | 000,019,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2008/11/16 12:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007/08/06 20:15:07 | 000,033,052 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007/07/12 04:03:42 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb)
DRV - [2007/07/12 04:03:40 | 000,010,752 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Video3D32.sys -- (Video3D)
DRV - [2007/07/12 04:03:38 | 000,012,288 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2007/07/12 04:03:38 | 000,011,136 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2007/06/29 08:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007/01/18 14:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/07/12 09:38:30 | 000,020,480 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/07/12 09:38:28 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/07/01 16:42:58 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/10/11 12:07:38 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/10/06 13:21:10 | 000,141,312 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2005/08/10 09:48:26 | 000,329,072 | R--- | M] (Jungo) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2005/07/22 17:41:46 | 000,026,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2005/07/22 17:41:42 | 000,068,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2004/10/27 09:21:36 | 000,138,240 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/10/27 09:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/03 17:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2002/08/08 09:51:32 | 000,038,951 | ---- | M] (Sony Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NETMDUSB.sys -- (NETMDUSB)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\fabrizio_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\fabrizio_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\fabrizio_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.be"
FF - prefs.js..extensions.enabledItems: {71328583-3CA7-4809-B4BA-570A85818FBB}:0.6.3
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {1A615EA8-4C56-49EE-BE83-F9A264B79997}:1.0
FF - prefs.js..network.proxy.type: 4
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/04/20 11:20:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/19 10:47:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/14 09:14:38 | 000,000,000 | ---D | M]
[2010/03/31 16:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Extensions
[2010/03/31 16:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/19 13:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Firefox\Profiles\00kcw5ep.default\extensions
[2010/08/15 09:33:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Firefox\Profiles\00kcw5ep.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/29 15:53:48 | 000,000,000 | ---D | M] (CacheViewer) -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Firefox\Profiles\00kcw5ep.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
[2010/08/15 09:34:00 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Firefox\Profiles\00kcw5ep.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/05/16 14:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Firefox\Profiles\00kcw5ep.default\extensions\radiobar@toolbar
[2010/08/06 07:50:01 | 000,002,252 | ---- | M] () -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Firefox\Profiles\00kcw5ep.default\searchplugins\askcom.xml
[2010/08/19 13:58:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/13 18:38:38 | 000,000,000 | ---D | M] (ResultDns) -- C:\Program Files\Mozilla Firefox\extensions\{1A615EA8-4C56-49EE-BE83-F9A264B79997}
[2010/04/01 13:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/04/01 13:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/04/01 13:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/02/15 16:49:16 | 000,000,940 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\vmndtxtb.xml
[2010/04/01 13:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/04/01 13:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2010/08/19 12:51:32 | 000,000,792 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKU\fabrizio_ON_C\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF7561.cfx File not found
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\fabrizio_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\fabrizio_ON_C..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKLM..\RunOnce: [combofix] C:\ComboFix\CF7561.cfx File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\fabrizio_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\fabrizio_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-wind... (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
O18 - Protocol\Handler\bw+0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw+0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\offline-8876480 {8EB99E16-992B-4A70-91D4-444068D50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/19 10:55:58 | 000,000,004 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/08/19 23:15:58 | 000,000,089 | -HS- | M] () - F:\autorun.inf -- [ FAT ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: wrgkmklo - C:\WINDOWS\System32\jherzqp.dll File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
MsConfig - Services: "TunngleService"
MsConfig - Services: "Hamachi2Svc"
MsConfig - Services: "ATKKeyboardService"
MsConfig - Services: "Apple Mobile Device"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe - (Logitech)
MsConfig - StartUpReg: ASUSGamerOSD - hkey= - key= - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LDM - hkey= - key= - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
MsConfig - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: PWRISOVM.EXE - hkey= - key= - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: Registry Cleaner Scheduler - hkey= - key= - C:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exe (CleanMyPC Software)
MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - C:\ComboFix\PEV.cfx File not found
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS - C:\WINDOWS\System32\drivers\ndis.sys ()
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetBT - File not found
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - C:\ComboFix\PEV.cfx File not found
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Logiciel de navigation hors connexion
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Aide sur Internet Explorer
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Outils d'installation Internet Explorer
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Améliorations pour la navigation
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Accès au site MSN
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {72AD53CC-CCC0-3757-8480-9EE176866A7C} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Liaison de données Dynamic HTML
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Polices de base Internet Explorer
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - Aide HTML
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Ligos Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
========== Files/Folders - Created Within 30 Days ==========
[2010/08/19 14:55:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\fabrizio\Recent
[2010/08/19 11:09:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/08/19 11:08:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/08/19 10:47:41 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/08/19 08:54:37 | 000,000,000 | ---D | C] -- C:\Kill'em
[2010/08/19 08:54:32 | 000,000,000 | ---D | C] -- C:\Program Files\List_Kill'em
[2010/08/18 16:37:09 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/08/18 16:37:09 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/08/18 16:37:09 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/08/18 16:37:09 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/08/18 16:37:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/18 16:35:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/08/18 16:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Bureau\Netoyage
[2010/08/18 08:47:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/08/18 06:18:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Bureau\Skins dod
[2010/08/18 04:05:52 | 000,219,648 | ---- | C] (ApexDC++ Development Team) -- C:\WINDOWS\Fzokua.exe
[2010/08/16 18:06:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Application Data\Command and Conquer 4
[2010/08/16 17:38:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Bureau\OST cdz
[2010/08/15 17:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Mes documents\id Software
[2010/08/15 16:23:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Local Settings\Application Data\id Software
[2010/08/15 16:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2010/08/15 16:08:23 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010/08/15 16:02:35 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/08/15 16:02:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Application Data\DAEMON Tools Lite
[2010/08/15 15:43:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Bureau\WolfenStein
[2010/08/15 11:02:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Application Data\NVIDIA
[2010/08/14 17:57:04 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/08/14 17:56:40 | 002,914,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2010/08/14 17:56:40 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2010/08/14 17:56:40 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010/08/14 17:56:38 | 010,260,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2010/08/14 17:56:38 | 004,595,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2010/08/14 17:56:31 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/08/14 12:39:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Bureau\Command and Conquer
[2010/08/14 11:55:14 | 000,030,528 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010/08/14 11:55:13 | 000,030,016 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010/08/14 11:54:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Application Data\TuneUp Software
[2010/08/14 11:54:46 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010/08/14 11:53:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Bureau\TuneUp
[2010/08/14 11:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/08/13 18:08:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2010/07/23 17:54:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Application Data\CocoonSoftware
[2010/07/23 17:54:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Local Settings\Application Data\WDSetup
[2005/05/11 17:36:48 | 000,012,288 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\fabrizio\Mes documents\*.tmp files -> C:\Documents and Settings\fabrizio\Mes documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/08/19 17:02:43 | 000,229,376 | -H-- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/08/19 17:02:42 | 000,783,872 | ---- | M] () -- C:\WINDOWS\System32\drivers\sodlx.sys
[2010/08/19 17:02:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/19 17:02:39 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\fabrizio\NTUSER.DAT
[2010/08/19 17:02:39 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\fabrizio\ntuser.ini
[2010/08/19 12:51:32 | 000,000,792 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/08/19 11:07:23 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/19 10:55:58 | 000,000,004 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/19 08:54:36 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\List_Kill'em.lnk
[2010/08/18 15:35:50 | 000,000,795 | ---- | M] () -- C:\WINDOWS\lsrslt.ini
[2010/08/18 13:25:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/18 13:22:44 | 000,229,376 | -H-- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2010/08/18 13:22:39 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/18 13:18:12 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/18 13:18:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-790525478-842925246-725345543-1004.job
[2010/08/18 12:00:24 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/08/18 11:43:28 | 000,211,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndis.sys
[2010/08/18 11:43:27 | 000,211,072 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ndis.sys
[2010/08/18 11:32:00 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/18 11:06:13 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-790525478-842925246-725345543-1004.job
[2010/08/18 10:00:00 | 000,000,372 | ---- | M] () -- C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[2010/08/18 09:49:22 | 000,196,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\nStandard.bin
[2010/08/18 09:15:54 | 000,072,192 | ---- | M] () -- C:\Documents and Settings\fabrizio\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/18 04:05:45 | 000,219,648 | ---- | M] (ApexDC++ Development Team) -- C:\WINDOWS\Fzokua.exe
[2010/08/17 17:06:56 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\iTunes.lnk
[2010/08/17 17:06:34 | 003,670,759 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\The Beatles - Yesterday_converted.mp3
[2010/08/17 08:00:34 | 735,541,248 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\Le Maitre d ecole ( par stall ).avi
[2010/08/16 19:21:16 | 000,166,568 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/15 16:23:27 | 000,000,868 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\Wolf2.lnk
[2010/08/15 16:02:35 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/08/14 17:57:12 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/08/14 17:57:12 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/08/14 17:57:09 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/08/14 17:57:09 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/08/14 11:34:11 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\CCleaner.lnk
[2010/08/14 09:33:51 | 000,000,628 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/14 09:33:51 | 000,000,345 | RHS- | M] () -- C:\boot.ini
[2010/08/13 19:31:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat
[2010/08/13 18:41:37 | 010,866,688 | ---- | M] () -- C:\Documents and Settings\fabrizio\Mes documents\vlc-1.1.2-win32.exe
[2010/07/23 17:59:05 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\QuickMediaConverter.lnk
[2010/07/23 17:55:39 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\fabrizio\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickMediaConverter.lnk
[2010/07/23 16:46:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/21 17:29:19 | 000,002,575 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\Microsoft Office Word 2007.lnk
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\fabrizio\Mes documents\*.tmp files -> C:\Documents and Settings\fabrizio\Mes documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/08/19 08:54:36 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\fabrizio\Bureau\List_Kill'em.lnk
[2010/08/18 16:37:09 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/08/18 16:37:09 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/08/18 16:37:09 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/08/18 16:37:09 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/08/18 16:37:09 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/08/18 11:38:33 | 000,783,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\sodlx.sys
[2010/08/18 09:15:57 | 735,541,248 | ---- | C] () -- C:\Documents and Settings\fabrizio\Bureau\Le Maitre d ecole ( par stall ).avi
[2010/08/17 17:06:30 | 003,670,759 | ---- | C] () -- C:\Documents and Settings\fabrizio\Bureau\The Beatles - Yesterday_converted.mp3
[2010/08/16 19:21:16 | 000,166,568 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/15 16:23:27 | 000,000,868 | ---- | C] () -- C:\Documents and Settings\fabrizio\Bureau\Wolf2.lnk
[2010/08/14 17:57:12 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/08/14 17:57:09 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/08/14 17:57:09 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/08/14 17:57:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/08/14 17:56:40 | 000,007,959 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010/08/14 17:56:38 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/08/14 11:34:11 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\fabrizio\Bureau\CCleaner.lnk
[2010/08/13 18:41:37 | 010,866,688 | ---- | C] () -- C:\Documents and Settings\fabrizio\Mes documents\vlc-1.1.2-win32.exe
[2010/07/23 17:59:05 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\fabrizio\Bureau\QuickMediaConverter.lnk
[2010/07/19 06:02:53 | 000,000,795 | ---- | C] () -- C:\WINDOWS\lsrslt.ini
[2010/07/09 14:06:44 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\fabrizio\default.pls
[2010/07/05 08:53:26 | 001,589,248 | ---- | C] () -- C:\WINDOWS\System32\libmysql_d.dll
[2010/07/04 16:35:36 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\fabrizio\Local Settings\Application Data\fusioncache.dat
[2010/06/30 17:25:07 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2010/06/12 17:59:44 | 000,002,560 | ---- | C] () -- C:\Documents and Settings\fabrizio\Application Data\Par défaut.cls
[2010/06/12 07:20:46 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\fabrizio\Application Data\Settings.cfg
[2010/06/12 06:49:29 | 000,006,397 | ---- | C] () -- C:\Documents and Settings\fabrizio\x.log
[2010/06/11 18:25:52 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010/06/11 18:25:51 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010/05/18 11:19:03 | 000,000,038 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/05/01 11:04:12 | 000,290,904 | R--- | C] () -- C:\WINDOWS\System32\vc6-re200l.dll
[2010/04/26 16:10:26 | 000,000,263 | ---- | C] () -- C:\WINDOWS\MPLAB.INI
[2010/04/20 10:58:44 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2010/04/20 10:58:44 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2010/04/10 13:29:56 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2010/03/29 10:58:45 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/03/29 10:58:41 | 000,072,192 | ---- | C] () -- C:\Documents and Settings\fabrizio\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8
OTL logfile created on: 8/20/2010 12:13:58 AM - Run
OTLPE by OldTimer - Version 3.1.40.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 40.25 Gb Free Space | 27.01% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 458.07 Gb Free Space | 98.35% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 990.72 Mb Total Space | 868.91 Mb Free Space | 87.70% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 433.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet002
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto] -- C:\WINDOWS\System32\jherzqp.dll -- (wrgkmklo)
SRV - File not found [On_Demand] -- C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - File not found [Auto] -- C:\ComboFix\PEV.cfx -- (PEVSystemStart)
SRV - File not found [Disabled] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto] -- C:\DOCUME~1\fabrizio\Bureau\VPNCLI~1\INSTAL~1.EXE -- (CiscoVpnInstallService)
SRV - File not found [On_Demand] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/08/14 11:55:13 | 000,435,008 | ---- | M] (TuneUp Software) [On_Demand] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/08/12 18:59:42 | 000,057,608 | ---- | M] () [Auto] -- C:\Documents and Settings\All Users\Application Data\ResultDns\resultdns111.exe -- (ResultDns Service)
SRV - [2010/07/06 08:10:24 | 001,051,968 | ---- | M] (TuneUp Software) [Auto] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/07/06 08:07:34 | 000,030,016 | ---- | M] (TuneUp Software) [Auto] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/04/19 11:47:48 | 000,267,432 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/04/16 02:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Disabled] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/30 05:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Disabled] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010/02/24 03:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/12/11 13:40:04 | 000,679,672 | ---- | M] (Tunngle.net GmbH) [Disabled] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2009/06/17 05:18:42 | 006,582,912 | ---- | M] () [On_Demand] -- c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe -- (wampmysqld)
SRV - [2008/12/09 19:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) [On_Demand] -- c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe -- (wampapache)
SRV - [2007/07/12 10:30:42 | 000,257,024 | ---- | M] (ASUSTeK COMPUTER INC.) [Disabled] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)
SRV - [2007/06/27 13:04:00 | 000,279,848 | ---- | M] (Nero AG) [On_Demand] -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006/12/13 20:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/13 20:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/13 19:46:16 | 000,057,344 | ---- | M] () [On_Demand] -- C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/10/26 13:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 08:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/04/03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/09/29 06:14:36 | 000,069,632 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- C:\DOCUME~1\fabrizio\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/08/19 17:02:42 | 000,783,872 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\sodlx.sys -- (sodlx)
DRV - [2010/08/18 11:43:28 | 000,211,072 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2010/08/15 16:02:35 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/07/09 18:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010/06/11 18:25:52 | 000,281,760 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010/06/11 18:25:51 | 000,025,888 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010/03/01 03:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/24 08:41:50 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/02/16 07:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/02/03 09:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/09/16 01:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV - [2009/05/11 05:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 03:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/01/13 13:13:52 | 000,049,160 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009/01/13 13:13:44 | 000,014,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009/01/13 13:13:28 | 000,029,192 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009/01/13 13:13:20 | 000,019,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2008/11/16 12:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007/08/06 20:15:07 | 000,033,052 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007/07/12 04:03:42 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb)
DRV - [2007/07/12 04:03:40 | 000,010,752 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Video3D32.sys -- (Video3D)
DRV - [2007/07/12 04:03:38 | 000,012,288 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2007/07/12 04:03:38 | 000,011,136 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2007/06/29 08:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007/01/18 14:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/07/12 09:38:30 | 000,020,480 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/07/12 09:38:28 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/07/01 16:42:58 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/10/11 12:07:38 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/10/06 13:21:10 | 000,141,312 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2005/08/10 09:48:26 | 000,329,072 | R--- | M] (Jungo) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2005/07/22 17:41:46 | 000,026,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2005/07/22 17:41:42 | 000,068,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2004/10/27 09:21:36 | 000,138,240 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/10/27 09:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/03 17:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2002/08/08 09:51:32 | 000,038,951 | ---- | M] (Sony Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NETMDUSB.sys -- (NETMDUSB)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\fabrizio_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\fabrizio_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\fabrizio_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.be"
FF - prefs.js..extensions.enabledItems: {71328583-3CA7-4809-B4BA-570A85818FBB}:0.6.3
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {1A615EA8-4C56-49EE-BE83-F9A264B79997}:1.0
FF - prefs.js..network.proxy.type: 4
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/04/20 11:20:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/19 10:47:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/14 09:14:38 | 000,000,000 | ---D | M]
[2010/03/31 16:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Extensions
[2010/03/31 16:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/19 13:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Firefox\Profiles\00kcw5ep.default\extensions
[2010/08/15 09:33:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Firefox\Profiles\00kcw5ep.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/29 15:53:48 | 000,000,000 | ---D | M] (CacheViewer) -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Firefox\Profiles\00kcw5ep.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
[2010/08/15 09:34:00 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Firefox\Profiles\00kcw5ep.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/05/16 14:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Firefox\Profiles\00kcw5ep.default\extensions\radiobar@toolbar
[2010/08/06 07:50:01 | 000,002,252 | ---- | M] () -- C:\Documents and Settings\fabrizio\Application Data\Mozilla\Firefox\Profiles\00kcw5ep.default\searchplugins\askcom.xml
[2010/08/19 13:58:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/13 18:38:38 | 000,000,000 | ---D | M] (ResultDns) -- C:\Program Files\Mozilla Firefox\extensions\{1A615EA8-4C56-49EE-BE83-F9A264B79997}
[2010/04/01 13:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/04/01 13:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/04/01 13:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/02/15 16:49:16 | 000,000,940 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\vmndtxtb.xml
[2010/04/01 13:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/04/01 13:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2010/08/19 12:51:32 | 000,000,792 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKU\fabrizio_ON_C\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF7561.cfx File not found
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\fabrizio_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\fabrizio_ON_C..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKLM..\RunOnce: [combofix] C:\ComboFix\CF7561.cfx File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\fabrizio_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\fabrizio_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-wind... (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
O18 - Protocol\Handler\bw+0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw+0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0 {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0s {8eb99e16-992b-4a70-91d4-444068d50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\offline-8876480 {8EB99E16-992B-4A70-91D4-444068D50062} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/19 10:55:58 | 000,000,004 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/08/19 23:15:58 | 000,000,089 | -HS- | M] () - F:\autorun.inf -- [ FAT ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: wrgkmklo - C:\WINDOWS\System32\jherzqp.dll File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
MsConfig - Services: "TunngleService"
MsConfig - Services: "Hamachi2Svc"
MsConfig - Services: "ATKKeyboardService"
MsConfig - Services: "Apple Mobile Device"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe - (Logitech)
MsConfig - StartUpReg: ASUSGamerOSD - hkey= - key= - C:\Program Files\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LDM - hkey= - key= - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
MsConfig - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: PWRISOVM.EXE - hkey= - key= - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: Registry Cleaner Scheduler - hkey= - key= - C:\Program Files\CleanMyPC\Registry Cleaner\RCScheduler.exe (CleanMyPC Software)
MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - C:\ComboFix\PEV.cfx File not found
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: NDIS - C:\WINDOWS\System32\drivers\ndis.sys ()
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetBT - File not found
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - C:\ComboFix\PEV.cfx File not found
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Logiciel de navigation hors connexion
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Aide sur Internet Explorer
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Outils d'installation Internet Explorer
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Améliorations pour la navigation
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Accès au site MSN
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {72AD53CC-CCC0-3757-8480-9EE176866A7C} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Liaison de données Dynamic HTML
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Polices de base Internet Explorer
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - Aide HTML
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Ligos Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
========== Files/Folders - Created Within 30 Days ==========
[2010/08/19 14:55:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\fabrizio\Recent
[2010/08/19 11:09:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/08/19 11:08:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/08/19 10:47:41 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/08/19 08:54:37 | 000,000,000 | ---D | C] -- C:\Kill'em
[2010/08/19 08:54:32 | 000,000,000 | ---D | C] -- C:\Program Files\List_Kill'em
[2010/08/18 16:37:09 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/08/18 16:37:09 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/08/18 16:37:09 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/08/18 16:37:09 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/08/18 16:37:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/18 16:35:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/08/18 16:32:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Bureau\Netoyage
[2010/08/18 08:47:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/08/18 06:18:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Bureau\Skins dod
[2010/08/18 04:05:52 | 000,219,648 | ---- | C] (ApexDC++ Development Team) -- C:\WINDOWS\Fzokua.exe
[2010/08/16 18:06:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Application Data\Command and Conquer 4
[2010/08/16 17:38:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Bureau\OST cdz
[2010/08/15 17:42:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Mes documents\id Software
[2010/08/15 16:23:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Local Settings\Application Data\id Software
[2010/08/15 16:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2010/08/15 16:08:23 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010/08/15 16:02:35 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/08/15 16:02:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Application Data\DAEMON Tools Lite
[2010/08/15 15:43:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Bureau\WolfenStein
[2010/08/15 11:02:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Application Data\NVIDIA
[2010/08/14 17:57:04 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/08/14 17:56:40 | 002,914,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2010/08/14 17:56:40 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2010/08/14 17:56:40 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010/08/14 17:56:38 | 010,260,480 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2010/08/14 17:56:38 | 004,595,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2010/08/14 17:56:31 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/08/14 12:39:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Bureau\Command and Conquer
[2010/08/14 11:55:14 | 000,030,528 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010/08/14 11:55:13 | 000,030,016 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010/08/14 11:54:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Application Data\TuneUp Software
[2010/08/14 11:54:46 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010/08/14 11:53:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Bureau\TuneUp
[2010/08/14 11:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/08/13 18:08:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2010/07/23 17:54:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Application Data\CocoonSoftware
[2010/07/23 17:54:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\fabrizio\Local Settings\Application Data\WDSetup
[2005/05/11 17:36:48 | 000,012,288 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\fabrizio\Mes documents\*.tmp files -> C:\Documents and Settings\fabrizio\Mes documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/08/19 17:02:43 | 000,229,376 | -H-- | M] () -- C:\Documents and Settings\NetworkService\NTUSER.DAT
[2010/08/19 17:02:42 | 000,783,872 | ---- | M] () -- C:\WINDOWS\System32\drivers\sodlx.sys
[2010/08/19 17:02:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/19 17:02:39 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\fabrizio\NTUSER.DAT
[2010/08/19 17:02:39 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\fabrizio\ntuser.ini
[2010/08/19 12:51:32 | 000,000,792 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/08/19 11:07:23 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/19 10:55:58 | 000,000,004 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/19 08:54:36 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\List_Kill'em.lnk
[2010/08/18 15:35:50 | 000,000,795 | ---- | M] () -- C:\WINDOWS\lsrslt.ini
[2010/08/18 13:25:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/18 13:22:44 | 000,229,376 | -H-- | M] () -- C:\Documents and Settings\LocalService\NTUSER.DAT
[2010/08/18 13:22:39 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/18 13:18:12 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/18 13:18:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-790525478-842925246-725345543-1004.job
[2010/08/18 12:00:24 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/08/18 11:43:28 | 000,211,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndis.sys
[2010/08/18 11:43:27 | 000,211,072 | ---- | M] () -- C:\WINDOWS\System32\dllcache\ndis.sys
[2010/08/18 11:32:00 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/18 11:06:13 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-790525478-842925246-725345543-1004.job
[2010/08/18 10:00:00 | 000,000,372 | ---- | M] () -- C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[2010/08/18 09:49:22 | 000,196,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\nStandard.bin
[2010/08/18 09:15:54 | 000,072,192 | ---- | M] () -- C:\Documents and Settings\fabrizio\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/18 04:05:45 | 000,219,648 | ---- | M] (ApexDC++ Development Team) -- C:\WINDOWS\Fzokua.exe
[2010/08/17 17:06:56 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\iTunes.lnk
[2010/08/17 17:06:34 | 003,670,759 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\The Beatles - Yesterday_converted.mp3
[2010/08/17 08:00:34 | 735,541,248 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\Le Maitre d ecole ( par stall ).avi
[2010/08/16 19:21:16 | 000,166,568 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/15 16:23:27 | 000,000,868 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\Wolf2.lnk
[2010/08/15 16:02:35 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/08/14 17:57:12 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/08/14 17:57:12 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/08/14 17:57:09 | 000,232,968 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/08/14 17:57:09 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/08/14 11:34:11 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\CCleaner.lnk
[2010/08/14 09:33:51 | 000,000,628 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/14 09:33:51 | 000,000,345 | RHS- | M] () -- C:\boot.ini
[2010/08/13 19:31:28 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat
[2010/08/13 18:41:37 | 010,866,688 | ---- | M] () -- C:\Documents and Settings\fabrizio\Mes documents\vlc-1.1.2-win32.exe
[2010/07/23 17:59:05 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\QuickMediaConverter.lnk
[2010/07/23 17:55:39 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\fabrizio\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickMediaConverter.lnk
[2010/07/23 16:46:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/21 17:29:19 | 000,002,575 | ---- | M] () -- C:\Documents and Settings\fabrizio\Bureau\Microsoft Office Word 2007.lnk
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\fabrizio\Mes documents\*.tmp files -> C:\Documents and Settings\fabrizio\Mes documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/08/19 08:54:36 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\fabrizio\Bureau\List_Kill'em.lnk
[2010/08/18 16:37:09 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/08/18 16:37:09 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/08/18 16:37:09 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/08/18 16:37:09 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/08/18 16:37:09 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/08/18 11:38:33 | 000,783,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\sodlx.sys
[2010/08/18 09:15:57 | 735,541,248 | ---- | C] () -- C:\Documents and Settings\fabrizio\Bureau\Le Maitre d ecole ( par stall ).avi
[2010/08/17 17:06:30 | 003,670,759 | ---- | C] () -- C:\Documents and Settings\fabrizio\Bureau\The Beatles - Yesterday_converted.mp3
[2010/08/16 19:21:16 | 000,166,568 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/08/15 16:23:27 | 000,000,868 | ---- | C] () -- C:\Documents and Settings\fabrizio\Bureau\Wolf2.lnk
[2010/08/14 17:57:12 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/08/14 17:57:09 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/08/14 17:57:09 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/08/14 17:57:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010/08/14 17:56:40 | 000,007,959 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010/08/14 17:56:38 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/08/14 11:34:11 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\fabrizio\Bureau\CCleaner.lnk
[2010/08/13 18:41:37 | 010,866,688 | ---- | C] () -- C:\Documents and Settings\fabrizio\Mes documents\vlc-1.1.2-win32.exe
[2010/07/23 17:59:05 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\fabrizio\Bureau\QuickMediaConverter.lnk
[2010/07/19 06:02:53 | 000,000,795 | ---- | C] () -- C:\WINDOWS\lsrslt.ini
[2010/07/09 14:06:44 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\fabrizio\default.pls
[2010/07/05 08:53:26 | 001,589,248 | ---- | C] () -- C:\WINDOWS\System32\libmysql_d.dll
[2010/07/04 16:35:36 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\fabrizio\Local Settings\Application Data\fusioncache.dat
[2010/06/30 17:25:07 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2010/06/12 17:59:44 | 000,002,560 | ---- | C] () -- C:\Documents and Settings\fabrizio\Application Data\Par défaut.cls
[2010/06/12 07:20:46 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\fabrizio\Application Data\Settings.cfg
[2010/06/12 06:49:29 | 000,006,397 | ---- | C] () -- C:\Documents and Settings\fabrizio\x.log
[2010/06/11 18:25:52 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010/06/11 18:25:51 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010/05/18 11:19:03 | 000,000,038 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/05/01 11:04:12 | 000,290,904 | R--- | C] () -- C:\WINDOWS\System32\vc6-re200l.dll
[2010/04/26 16:10:26 | 000,000,263 | ---- | C] () -- C:\WINDOWS\MPLAB.INI
[2010/04/20 10:58:44 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2010/04/20 10:58:44 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2010/04/10 13:29:56 | 000,532,480 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2010/03/29 10:58:45 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/03/29 10:58:41 | 000,072,192 | ---- | C] () -- C:\Documents and Settings\fabrizio\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8
Good evening
Boot OTLPENet from the CD as you just did.
Copy the file Fix.txt to your USB stick.
http://www.sendspace.com/file/1waoyx
Insert your USB stick containing the Fix.txt file into your PC
Start OTLPE
Drag and drop the Fix.txt file into the Custom scans and fixes box.
If that does not work, click Run Fix and a dialog box will open asking you to select a location; browse to the Fix.txt file on your USB stick.
Then click Run Fix
Let the tool work.
Post a new OTL report (do not tick the LOP and Purity boxes this time)
+++++++++++++++++++++++++++++++++++++
Go to this link: Virus Total
scan the file in bold and post the report, please
C:\WINDOWS\Fzokua.exe