Voila les logs demandés !
Logfile of random's system information tool 1.06 (written by random/random)
Run by BOB at 2009-03-28 20:01:17
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 9 GB (32%) free of 29 GB
Total RAM: 958 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:01, on 28-03-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZinw12.exe
C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\HPZipm12.exe
D:\telechargt_par_ firefox\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\BOB.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8800
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://tchat.voila.fr
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{31C66E2F-7C52-475F-9BB8-1F1388028E68}: NameServer = 80.10.246.1,80.10.246.132
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BestSync Service (BestSyncSvc) - RiseFly Software - C:\Program Files\RiseFly\BestSync\BestSyncSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - C:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Lettriq Drivers Auto Removal (pr2aqb2b) (pr2aqb2b) - Vocabelum Inc - C:\WINDOWS\system32\pr2aqb2b.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
End of file - 10987 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Maintenance en 1 clic.job
C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-09-22 66888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-09-22 161096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-01-24 7311360]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-01-24 86016]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2004-10-27 61952]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2005-09-07 716800]
"!AVG Anti-Spyware"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11 6731312]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-01-20 217088]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-02-13 185896]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-17 266497]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2007-12-13 919016]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2003-12-17 19968]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-10-10 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]
"Uniblue RegistryBooster 2009"=C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe [2008-02-13 214560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-03-01 15872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2006-02-19 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^BOB^Menu Démarrer^Programmes^Démarrage^Pinnacle Systems - Studio Family.lnk]
C:\PROGRA~1\Pinnacle\STUDIO~1\EREGIS~1\Remind32.exe [1998-07-23 67584]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Démarrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll [2008-11-07 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-03 240128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Pando Networks\Pando\pando.exe"="C:\Program Files\Pando Networks\Pando\pando.exe:*:Disabled:pando"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.321\English\setup.exe"="C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 7.0.1.321\English\setup.exe:*:Enabled:Kaspersky Anti-Virus 7.0 Setup"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Database Agent Service"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe"="C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe:*:Enabled:Kaspersky AV Scanner"
"F:\setup\HPZNET01.EXE"="F:\setup\HPZNET01.EXE:*:Enabled:hpznet01.exe"
"F:\setup\HPONICIFS01.EXE"="F:\setup\HPONICIFS01.EXE:*:Enabled:hponicifs01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2009-03-28 20:01:17 ----D---- C:\rsit
2009-03-28 17:24:30 ----D---- C:\Documents and Settings\BOB\Application Data\Uniblue
2009-03-28 17:24:10 ----D---- C:\Program Files\Uniblue
2009-03-28 17:23:40 ----HDC---- C:\Documents and Settings\All Users\Application Data\~0
2009-03-20 19:27:33 ----A---- C:\WINDOWS\system32\ssprs.dll
2009-03-20 19:27:33 ----A---- C:\WINDOWS\system32\lsprst7.dll
2009-03-20 19:27:20 ----D---- C:\Program Files\FilmFX2
2009-03-20 19:07:40 ----A---- C:\WINDOWS\system32\SHSMP.DLL
2009-03-20 19:07:38 ----N---- C:\WINDOWS\system32\gear81sd.DLL
2009-03-20 18:46:56 ----A---- C:\WINDOWS\unvise32.exe
2009-03-20 18:46:40 ----D---- C:\Program Files\Alpha Magic
2009-03-12 09:57:29 ----D---- C:\Program Files\Audacity
2009-03-11 15:59:24 ----A---- C:\WINDOWS\HFREP.INI
2009-03-11 15:36:11 ----D---- C:\proShop

======List of files/folders modified in the last 1 months======

2009-03-28 20:01:20 ----D---- C:\WINDOWS\Prefetch
2009-03-28 19:28:53 ----D---- C:\WINDOWS\Internet Logs
2009-03-28 19:02:07 ----D---- C:\Program Files\Mozilla Thunderbird
2009-03-28 17:30:30 ----D---- C:\Program Files\Mozilla Firefox
2009-03-28 17:28:36 ----D---- C:\Program Files\Lettriq
2009-03-28 17:28:09 ----SHD---- C:\WINDOWS\Installer
2009-03-28 17:28:09 ----HD---- C:\Config.Msi
2009-03-28 17:24:28 ----D---- C:\WINDOWS\Temp
2009-03-28 17:24:10 ----RD---- C:\Program Files
2009-03-28 16:50:57 ----D---- C:\WINDOWS
2009-03-28 16:45:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-26 22:36:27 ----D---- C:\Program Files\PKR
2009-03-25 19:00:08 ----D---- C:\Documents and Settings\BOB\Application Data\Adobe
2009-03-25 19:00:08 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-03-24 23:48:58 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-24 08:27:53 ----D---- C:\WINDOWS\system32
2009-03-22 20:08:29 ----D---- C:\WINDOWS\Help
2009-03-20 19:14:23 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-17 13:22:25 ----D---- C:\Program Files\Adobe
2009-03-13 20:34:43 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-06 16:03:18 ----RSD---- C:\WINDOWS\Fonts
2009-03-04 21:24:17 ----A---- C:\WINDOWS\PhotoSnapViewer.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-26 75072]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-01-20 33292]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2007-12-13 394952]
R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2008-09-26 10384]
R2 PCLEPCI;PCLEPCI; C:\WINDOWS\system32\drivers\PCLEPCI.sys [2000-07-27 14235]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-10-05 141312]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-03-04 127872]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 CTL511Plus;Video Blaster WebCam 3/WebCam Plus (WDM); C:\WINDOWS\system32\DRIVERS\webc3vid.sys [2001-11-07 166504]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-09-26 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-09-26 28816]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-01-24 3535520]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-02-17 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-02-17 13056]
R3 SDVPlus;Pinnacle Studio DVplus WDM Renderer; C:\WINDOWS\system32\DRIVERS\SDVPlus.sys [2000-09-26 63862]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2005-08-11 393088]
R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600]
S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-27 145920]
S3 L8042PR2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\System32\Drivers\l8042pr2.sys [2003-12-17 51729]
S3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys [2003-12-17 25505]
S3 LHidUsb;Logitech USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [2003-12-17 37887]
S3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\System32\Drivers\LMouFlt2.sys [2003-12-17 70801]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 ST330;ST330; C:\WINDOWS\system32\drivers\st330.sys [2006-11-23 30464]
S3 STBUS;STBUS; C:\WINDOWS\system32\drivers\stbus.sys [2006-11-23 12672]
S3 stppp;Speedtouch PPP Adapter Adapter; C:\WINDOWS\system32\DRIVERS\stppp.sys [2006-11-23 32000]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-08-02 611664]
R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865]
R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297]
R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
R2 HDDTService;HDD Temperature; C:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe [2004-11-24 384512]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-01-24 131139]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2007-12-13 75304]
S2 BestSyncSvc;BestSync Service; C:\Program Files\RiseFly\BestSync\BestSyncSvc.exe [2007-11-17 487424]
S2 pr2aqb2b;Lettriq Drivers Auto Removal (pr2aqb2b); C:\WINDOWS\system32\pr2aqb2b.exe [2008-06-06 415088]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-11-23 68096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2006-02-04 654848]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe [2008-11-07 121360]
S3 SandraDataSrv;SiSoftware Database Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe [2007-12-12 213176]
S3 SandraTheSrv;SiSoftware Sandra Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe [2007-12-12 1253568]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-10-20 355584]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 Oebc550;Oebc550; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-04 127872]


info.txt logfile of random's system information tool 1.06 2009-03-28 20:01:23

======Uninstall list======

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe After Effects 5.0-->MsiExec.exe /I{5FAB6A66-2DAC-11D4-8524-00C04F602FD3}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MPEG Encoder-->MsiExec.exe /I{9811A185-3D3D-11D6-9E14-00036D172B00}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
Adobe Premiere 6.5-->C:\WINDOWS\UNIN040C.EXE -f"C:\Program Files\Adobe\Premiere 6.5\DeIsL1.isu" -c"C:\Program Files\Adobe\Premiere 6.5\Uninst.dll"
Adobe Premiere Pro CS3 Functional Content-->MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}
Adobe Premiere Pro CS3 Third Party Content-->MsiExec.exe /I{485ACF57-F364-440A-8496-E1E81C8FA1AA}
Adobe Premiere Pro CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\32fdd767b4383606e8168e834af5d90\Setup.exe
Adobe Premiere Pro CS3-->MsiExec.exe /I{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Setup-->MsiExec.exe /I{BB81360F-041C-4CF7-B15E-71380D154244}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
Advanced RealMedia Export Plug-in for Premiere 6.0-->C:\Program Files\Adobe\Premiere 6.5\Plug-ins\RNCompiler\rnuninst.exe RealNetworks|RNCompiler|6.0
Alpha Magic Demo-->C:\WINDOWS\unvise32.exe C:\Program Files\Alpha Magic\uninstal.log
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
AVG Anti-Spyware 7.5-->C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
BestSync® 2008-->MsiExec.exe /I{517EEBB8-8F61-4218-8E2B-5CFCF09DB874}
Canon Camera Access Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon Camera Window DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Camera Window DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Camera Window MC 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
Canon i550-->C:\WINDOWS\system32\CNMCP49.exe "-PRINTERNAMECanon i550" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon i550 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon i550 Installer\Inst2\cnmi040c.dll"
CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
Canon Internet Library for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"
Canon PhotoRecord-->MsiExec.exe /X{BEF56F2D-56ED-4176-BF72-7B68D4A3B98D}
Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{2811B04D-5AAB-4117-8FF8-79529D54634F}
Canon Utilities Digital Photo Professional 2.2-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\Digital Photo Professional\Uninst.ini"
Canon Utilities EOS Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities PhotoStitch-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
CarteSurTable Demo-->"C:\Program Files\CarteSurTable\Uninstall.exe" "C:\Program Files\CarteSurTable\install.log" -u
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Creative Video Blaster WebCam 3 USB/WebCam Plus Driver-->C:\WINDOWS\ctdrvins.exe -uninstall usb\vid_05a9&pid_a511 -plugin webc3pin.dll -pluginres webc3pin.crl
DebugMode FrameServer-->"C:\Program Files\Adobe\Adobe Premiere Pro CS3\Plug-ins\fr_FR\fsuninst.exe"
DebugMode Wink-->"C:\Program Files\DebugMode\Wink\uninst.exe"
DG834-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Netgear\DG834\DeIsL1.isu" -c"C:\Program Files\Netgear\DG834\_ISREG32.DLL"
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD-lab PRO 2.1-->"C:\Program Files\DVDlabPro2\unins000.exe"
EVEREST Ultimate Edition v4.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
FilmFX 2.25.731-->C:\WINDOWS\unvise32.exe C:\Program Files\FilmFX2\uninstal.log
HD Tune 2.10-->"C:\Program Files\HD Tune\unins000.exe"
HDD Temperature-->MsiExec.exe /I{6C8F4EAB-CC57-42C5-9BAD-B5605675D69D}
High Definition Audio Driver Package - KB888111-->C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Viewer 7.0-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Scanjet 4070-->C:\Program Files\HP\Digital Imaging\{7DB9BF65-46AC-4803-82AA-14EFCA927789}\setup\hpzscr01.exe -datfile hpgscr01.dat
HP Software Update-->MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Kaspersky Online Scanner-->C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
KC Softwares VideoInspector-->"C:\Program Files\KC Softwares\VideoInspector\unins000.exe"
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
Language pack for Ad-Aware SE-->C:\PROGRA~1\Lavasoft\AD-AWA~2\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~2\Plugins\Langs\INSTALL.LOG
Logitech MouseWare 9.79.1 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x40c -l040c UNINSTALL
Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x040c -removeonly
Ludiclub.com-->C:\WINDOWS\system32\GKSUI20.EXE C:\Program Files\Ludiclub\UninstallEF3E.DAT
Ma-Config.com plugin-->MsiExec.exe /I{6F06A42D-525C-49ED-8622-E16790956CD8}
Magic ISO Maker v5.4 (build 0251)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Magic Tools Print Folder 1.0.0.353-->"C:\Program Files\Magic Tools Print Folder\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Micro Application - 3 500 Cliparts Vectoriels 2-->C:\WINDOWS\unin040c.exe -fC:\MicroApp\Cliparts2\DeIsL1.isu
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (2.0.0.20)-->C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.21)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Digital-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
NVIDIA Drivers-->C:\WINDOWS\system32\nvuide.exe UninstallGUI
OCR Software by I.R.I.S 7.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
PanaVue ImageAssembler 3.4.0-->MsiExec.exe /I{52D6EA6F-3751-4064-BF86-900FC9BB9E46}
PKR-->"C:\Program Files\PKR\uninstall-pkr.exe"
Plus de 200 000 Cliparts et Photos-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{D01940CE-8BD3-4258-B4E2-42F185AE1968}
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
Presentation To Video Converter-->"C:\Program Files\GeoVid\Presentation To Video Converter\unins000.exe"
PresenterSoft PowerVideoMaker 2.0.1-->"C:\Program Files\Presentersoft PowerVideoMaker\unins000.exe"
Readiris Pro 9-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CA9D105-113C-11D8-AB3E-000102B0F79A}\setup.exe" -l0x40c
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Scrapbooking-->"C:\Program Files\Anuman Interactive\Scrapbooking\unins000.exe"
SiSoftware Sandra Lite XII.SP1-->"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\unins000.exe"
SnagIt 9-->MsiExec.exe /I{2FADA80A-5D89-4CC8-9ED7-445527754A83}
SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x40c -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Studio DV-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Pinnacle\Studio DV Plus\SDVPlus.isu" -cC:\WINDOWS\SDVPlus.dll
TC Native Essentials 2.02-->C:\PROGRA~1\TCWorks\TCNativeEssentials202\UninstallTCEssentials.exe C:\PROGRA~1\TCWorks\TCNativeEssentials202\INSTALL.LOG
TitleDeko Pro for Premiere-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{60D53C80-E413-4512-8D48-09777CE832C7}\Setup.exe" UNINSTALL
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Unlocker 1.8.5-->C:\Program Files\Unlocker\uninst.exe
VideoPPT-->"C:\Program Files\VideoPPT\VideoPPT\unins000.exe"
Virtual Earth 3D (Bêta)-->MsiExec.exe /I{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}
WaveLab-->"C:\Program Files\Steinberg\WaveLab\Unwise.exe" C:\PROGRA~1\STEINB~1\WaveLab\install.log
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Wondershare PPT2DVD 5.1.1.200 Trial-->"C:\Program Files\Wondershare\PPT2DVD\unins000.exe"
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

=====HijackThis Backups=====

O2 - BHO: (no name) - {EDEE8F3F-6B4E-4CFC-8514-91A82D94D2EB} - C:\WINDOWS\system32\awvvs.dll (file missing) [2008-02-07]
O20 - Winlogon Notify: awtuutr - C:\WINDOWS\ [2008-02-11]

======Security center information======

AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic

======System event log======

Computer Name: NEUF
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Pml Driver HPZ12.

Record Number: 66829
Source Name: Service Control Manager
Time Written: 20090321085532.000000+060
Event Type: Informations
User: NEUF\BOB

Computer Name: NEUF
Event Code: 7036
Message: Le service Pml Driver HPZ12 est entré dans l'état : arrêté.

Record Number: 66828
Source Name: Service Control Manager
Time Written: 20090321085411.000000+060
Event Type: Informations
User:

Computer Name: NEUF
Event Code: 7036
Message: Le service Pml Driver HPZ12 est entré dans l'état : en cours d'exécution.

Record Number: 66827
Source Name: Service Control Manager
Time Written: 20090321085410.000000+060
Event Type: Informations
User:

Computer Name: NEUF
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Pml Driver HPZ12.

Record Number: 66826
Source Name: Service Control Manager
Time Written: 20090321085410.000000+060
Event Type: Informations
User: NEUF\BOB

Computer Name: NEUF
Event Code: 7036
Message: Le service Pml Driver HPZ12 est entré dans l'état : arrêté.

Record Number: 66825
Source Name: Service Control Manager
Time Written: 20090321085247.000000+060
Event Type: Informations
User:

=====Application event log=====

Computer Name: NEUF
Event Code: 101
Message: wuauclt (284) Le moteur de base de données est arrêté.

Record Number: 14482
Source Name: ESENT
Time Written: 20090123165036.000000+060
Event Type: Informations
User:

Computer Name: NEUF
Event Code: 103
Message: wuaueng.dll (284) SUS20ClientDataStore: Le moteur de base de données a arrêté une instance (0).

Record Number: 14481
Source Name: ESENT
Time Written: 20090123165036.000000+060
Event Type: Informations
User:

Computer Name: NEUF
Event Code: 102
Message: msnmsgr (3724) \\.\C:\Documents and Settings\BOB\Local Settings\Application Data\Microsoft\Messenger\bre.tagne@hotmail.fr\SharingMetadata\Working\database_38A4_8857_A488_1990\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

Record Number: 14480
Source Name: ESENT
Time Written: 20090123164845.000000+060
Event Type: Informations
User:

Computer Name: NEUF
Event Code: 100
Message: msnmsgr (3724) Le moteur de base de données 5.01.2600.2180 est démarré.

Record Number: 14479
Source Name: ESENT
Time Written: 20090123164845.000000+060
Event Type: Informations
User:

Computer Name: NEUF
Event Code: 12001
Message: The Messenger Sharing USN Journal Reader service started successfully.

Record Number: 14478
Source Name: usnjsvc
Time Written: 20090123164843.000000+060
Event Type:
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SAN_DIR"=C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1
"tvdumpflags"=8

-----------------EOF-----------------

Voila qui est fait :
par contre je n'ai pas mis à jour IE car d'une part mon XP n'est pas "officiel" (lol) et d'autre part je ne l'utilise pratiquement pas

Malwarebytes' Anti-Malware 1.35
Version de la base de données: 1911
Windows 5.1.2600 Service Pack 2

29-03-09 00:48:34
mbam-log-2009-03-29 (00-48-34).txt

Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 169467
Temps écoulé: 1 hour(s), 44 minute(s), 35 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\BOB\Application Data\Desktopicon\eBayShortcuts.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Avira AntiVir Personal
Report file date: 2009-03-29 12:00

Scanning for 1328914 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: NEUF

Version information:
BUILD.DAT : 8.2.0.347 16934 Bytes 2009-03-16 14:45:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 2008-11-26 18:14:05
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-07-17 13:14:55
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-07-17 13:14:55
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-07-17 13:14:55
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 2008-10-27 10:10:40
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2009-02-11 15:01:06
ANTIVIR2.VDF : 7.1.2.199 1008640 Bytes 2009-03-22 11:02:20
ANTIVIR3.VDF : 7.1.2.228 257024 Bytes 2009-03-27 11:01:24
Engineversion : 8.2.0.129
AEVDF.DLL : 8.1.1.0 106868 Bytes 2009-01-30 22:35:06
AESCRIPT.DLL : 8.1.1.70 369019 Bytes 2009-03-27 11:01:36
AESCN.DLL : 8.1.1.8 127346 Bytes 2009-03-05 18:53:34
AERDL.DLL : 8.1.1.3 438645 Bytes 2008-11-06 13:20:50
AEPACK.DLL : 8.1.3.11 397687 Bytes 2009-03-26 11:01:29
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 2009-02-27 18:52:15
AEHEUR.DLL : 8.1.0.111 1679736 Bytes 2009-03-26 11:01:27
AEHELP.DLL : 8.1.2.2 119158 Bytes 2009-02-27 18:52:08
AEGEN.DLL : 8.1.1.31 340341 Bytes 2009-03-27 11:01:34
AEEMU.DLL : 8.1.0.9 393588 Bytes 2008-10-15 16:38:09
AECORE.DLL : 8.1.6.6 176501 Bytes 2009-02-18 14:56:39
AEBB.DLL : 8.1.0.3 53618 Bytes 2008-10-15 16:38:07
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-17 13:14:55
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-07-17 13:14:55
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-07-31 15:51:28
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-07-17 13:14:55
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-04-24 11:37:22
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-07-17 13:14:55
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-04-24 11:37:23
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-07-17 13:14:56
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-04-24 11:37:23
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-07-17 13:14:50
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-07-17 13:14:50

Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: C:\Program Files\Avira\AntiVir PersonalEdition Classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2009-03-29 12:00

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'ssmypics.scr' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'HPZinw12.exe' - '1' Module(s) have been scanned
Scan process 'hpqste08.exe' - '1' Module(s) have been scanned
Scan process 'hpqimzone.exe' - '1' Module(s) have been scanned
Scan process 'hpqnrs08.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.exe' - '1' Module(s) have been scanned
Scan process 'thunderbird.exe' - '1' Module(s) have been scanned
Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'LOGI_MWX.EXE' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'hpcmpmgr.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'PWRISOVM.EXE' - '1' Module(s) have been scanned
Scan process 'SMax4.exe' - '1' Module(s) have been scanned
Scan process 'smax4pnp.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'CALMAIN.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'HDDTSvc.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
43 processes with 43 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '64' files ).


Starting the file scan:

Begin scan in 'C:\' < >
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{C841693A-A920-40B9-A067-C9C7EB118E03}\RP724\A0167107.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4a00577f.qua'!
Begin scan in 'D:\' < >
Begin scan in 'E:\' < >

le log du test avec AVIRA de ce jour
j'ai mis en quarantaine le fichier infecté
puis je le supprimer ?


End of the scan: 2009-03-29 13:30
Used time: 1:29:55 Hour(s)

The scan has been done completely.

7826 Scanning directories
342731 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
342729 Files not concerned
4114 Archives were scanned
1 Warnings
1 Notes

Bsr
mon PC continue de freezer de temps en temps
pendant qqs secondes plus de contrôle du PC (mais les applications restent affichées à l'écran) ... la souris n'est plus active .... et ça dure entre 3/4 s et 20s environ
Que puis je contrôler d'autre ??
à priori les tensions (données par EVEREST) sont corrects
Pourrait il s'agir d'un malware ou d'un virus ?
sinon quel forum est le mieux adapté pour poser un nouveau post HULO?

J'ai réalisé ce que tu m'as conseillé
aucun problème lors des différentes manips
le résultat ? .... à voir dans le temps ... je te tiens au courant
je ne clos pas le post de suite
a+
2 questions qd même :
1- as tu détecté dans les différents logs un pb d'infection ?
2- est ce que je peux refaire les manips sans pb si j'ai de nouveaux doutes ? ou faut il suivre l'avis de spécialistes sur le forum ?

Bsr
voila le log de combofix

ComboFix 09-04-01.01 - BOB 2009-04-02 20:17:30.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.958.522 [GMT 2:00]
Lancé depuis: c:\documents and settings\BOB\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated)
* Un nouveau point de restauration a été créé

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\patch.exe
c:\windows\system32\kmd.exe
c:\windows\system32\lsprst7.dll
c:\windows\system32\ssprs.dll
.
---- Exécution préalable -------
.
c:\windows\images.zip
c:\windows\system32\lsprst7.dll
c:\windows\system32\ssprs.dll
c:\windows\system32\svvwa.ini
c:\windows\system32\svvwa.ini2

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-03-02 au 2009-04-02 ))))))))))))))))))))))))))))))))))))
.

2009-04-02 20:12 . 2006-03-03 00:42 73,728 --a------ C:\pv.exe
2009-03-28 22:42 . 2009-03-28 22:42 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-28 22:42 . 2009-03-28 22:42 <REP> d-------- c:\documents and settings\BOB\Application Data\Malwarebytes
2009-03-28 22:42 . 2009-03-28 22:42 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-28 22:42 . 2009-03-26 17:49 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-28 22:42 . 2009-03-26 17:49 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-28 21:01 . 2009-03-28 21:01 <REP> d-------- C:\rsit
2009-03-28 18:24 . 2009-03-28 18:24 <REP> d-------- c:\program files\Uniblue
2009-03-28 18:24 . 2009-03-28 18:24 <REP> d-------- c:\documents and settings\BOB\Application Data\Uniblue
2009-03-20 20:27 . 2009-03-20 20:30 <REP> d-------- c:\program files\FilmFX2
2009-03-20 20:07 . 1999-10-06 15:25 1,089,536 --------- c:\windows\system32\gear81sd.DLL
2009-03-20 20:07 . 2001-02-13 04:30 120,032 --a------ c:\windows\system32\SHSMP.DLL
2009-03-20 19:46 . 2009-03-20 19:59 <REP> d-------- c:\program files\Alpha Magic
2009-03-20 19:46 . 1999-04-05 12:48 86,016 --a------ c:\windows\unvise32.exe
2009-03-20 19:45 . 2009-03-20 19:45 56 --a------ c:\windows\system32\571348.dlx
2009-03-13 00:07 . 2009-03-13 00:19 50,498 --a------ C:\eqp19510829.jpg
2009-03-13 00:06 . 2009-03-13 00:18 48,480 --a------ C:\eqp19501019.jpg
2009-03-12 11:01 . 2009-03-12 11:01 1,822,238 --a------ C:\Audacity_tutoriel.pdf
2009-03-12 10:57 . 2009-03-12 10:57 <REP> d-------- c:\program files\Audacity
2009-03-11 16:59 . 2009-04-02 00:18 64 --a------ c:\windows\HFREP.INI
2009-03-11 16:36 . 2009-04-02 02:01 <REP> d-------- C:\proShop

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-02 18:21 32,825,376 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-04-02 18:03 --------- d-----w c:\program files\Mozilla Thunderbird
2009-04-02 00:03 387,596 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-03-29 19:07 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-29 18:58 --------- d-----w c:\program files\CCleaner
2009-03-28 23:48 --------- d-----w c:\documents and settings\BOB\Application Data\Desktopicon
2009-03-28 20:40 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-03-28 20:39 --------- d-----w c:\program files\Lavasoft
2009-03-28 16:28 --------- d-----w c:\program files\Lettriq
2009-03-26 21:36 --------- d-----w c:\program files\PKR
2009-03-24 22:48 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-20 19:45 50,456 ----a-w c:\documents and settings\BOB\Application Data\GDIPFONTCACHEV1.DAT
2009-03-20 18:14 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-26 07:13 9,610,653 ----a-w c:\windows\Internet Logs\tvDebug.zip
2009-02-04 19:03 --------- d-----w c:\program files\Virtual Earth 3D
2009-01-31 01:27 2,759,168 ----a-w c:\windows\Internet Logs\xDB4.tmp
2008-12-19 21:38 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2008-12-19 21:38 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-19 21:38 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2008-12-19 21:38 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2008-12-19 21:38 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-24 7311360]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-01-24 86016]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-01-20 217088]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-02-13 185896]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-17 266497]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-12-13 919016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"nwiz"="nwiz.exe" [2006-01-24 c:\windows\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 c:\windows\system32\HdAShCut.exe]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-17 c:\windows\LOGI_MWX.EXE]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 c:\windows\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-11-23 113664]
D‚marrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-02-10 73728]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-01-30 809488]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 17:41 72208 c:\program files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.dfsc"= dfsc.dll
"msacm.dfscacm"= dfscacm.dll
"VIDC.HFYU"= huffyuv.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^BOB^Menu Démarrer^Programmes^Démarrage^Pinnacle Systems - Studio Family.lnk]
path=c:\documents and settings\BOB\Menu Démarrer\Programmes\Démarrage\Pinnacle Systems - Studio Family.lnk
backup=c:\windows\pss\Pinnacle Systems - Studio Family.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:55 5674352 c:\program files\MSN Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 12:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
--a------ 2008-02-13 14:41 214560 c:\program files\Real\RealPlayer\realplay.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
--a------ 2008-03-01 07:10 15872 c:\program files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.321\\English\\setup.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII.SP1\\Win32\\RpcDataSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII.SP1\\RpcSandraSrv.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R2 HDDTService;HDD Temperature;c:\program files\PalickSoft\HDD Temperature\HDDTSvc.exe [2004-11-24 384512]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-01-30 10384]
R3 CTL511Plus;Video Blaster WebCam 3/WebCam Plus (WDM);c:\windows\system32\drivers\webc3vid.sys [2008-11-12 166504]
R3 SDVPlus;Pinnacle Studio DVplus WDM Renderer;c:\windows\system32\drivers\SDVPlus.sys [2006-11-23 63862]
S2 BestSyncSvc;BestSync Service;c:\program files\RiseFly\BestSync\BestSyncSvc.exe [2007-11-17 487424]
S3 ST330;ST330;c:\windows\system32\drivers\st330.sys [2006-11-23 30464]
S3 STBUS;STBUS;c:\windows\system32\drivers\stbus.sys [2006-11-23 12672]
S3 stppp;Speedtouch PPP Adapter Adapter;c:\windows\system32\drivers\stppp.sys [2006-11-23 32000]
S4 Oebc550;Oebc550;c:\windows\system32\drivers\aeaudio.sys [2006-11-22 127872]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'

2009-04-02 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:23]

2009-04-02 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2008-07-30 14:45]
.
- - - - ORPHELINS SUPPRIMES - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)


.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local;<local>
uInternet Settings,ProxyServer = localhost:8800
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Trusted Zone: voila.fr\tchat
TCP: {31C66E2F-7C52-475F-9BB8-1F1388028E68} = 80.10.246.1,80.10.246.132
FF - ProfilePath - c:\documents and settings\BOB\Application Data\Mozilla\Firefox\Profiles\o57hfwp3.Utilisateur par défaut\
FF - prefs.js: browser.startup.homepage - hxxp://www.olweb.fr
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-02 20:20:56
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HDDTService]
"ImagePath"="c:\program files\PalickSoft\HDD Temperature\HDDTSvc.exe /startedbyscm:916B11C7-40E287F3-HDDTService"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:87,2b,b0,8d,4f,2f,9b,60,95,50,e2,7c,07,18,27,a9,81,ad,83,b8,8a,
8a,57,6c,05,65,02,0c,89,98,fa,23,53,a4,f4,44,ce,ad,a3,af,3b,d1,23,3b,ec,be,\

[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:87,2b,b0,8d,4f,2f,9b,60,95,50,e2,7c,07,18,27,a9,81,ad,83,b8,8a,
8a,57,6c,05,65,02,0c,89,98,fa,23,53,a4,f4,44,ce,ad,a3,af,3b,d1,23,3b,ec,be,\
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(756)
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll
.
Heure de fin: 2009-04-02 20:23:33
ComboFix-quarantined-files.txt 2009-04-02 18:23:31

Avant-CF: 12,650,385,408 octets libres
Après-CF: 12,710,359,040 octets libres

215

Voili voilou :

Fichier pv.exe reçu le 2009.04.02 19:13:53 (CET)
Situation actuelle: terminé
Résultat: 1/40 (2.50%)
Formaté Formaté
Impression des résultats Impression des résultats
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.04.02 -
AhnLab-V3 5.0.0.2 2009.04.02 -
AntiVir 7.9.0.129 2009.04.02 -
Antiy-AVL 2.0.3.1 2009.04.02 -
Authentium 5.1.2.4 2009.04.01 -
Avast 4.8.1335.0 2009.04.02 -
AVG 8.5.0.285 2009.04.02 -
BitDefender 7.2 2009.04.02 -
CAT-QuickHeal 10.00 2009.04.01 -
ClamAV 0.94.1 2009.04.02 -
Comodo 1093 2009.04.01 -
DrWeb 4.44.0.09170 2009.04.02 -
eSafe 7.0.17.0 2009.04.02 -
eTrust-Vet 31.6.6432 2009.04.02 -
F-Prot 4.4.4.56 2009.04.01 -
F-Secure 8.0.14470.0 2009.04.02 -
Fortinet 3.117.0.0 2009.04.02 -
GData 19 2009.04.02 -
Ikarus T3.1.1.49.0 2009.04.02 -
K7AntiVirus 7.10.690 2009.04.01 -
Kaspersky 7.0.0.125 2009.04.02 -
McAfee 5572 2009.04.02 -
McAfee+Artemis 5572 2009.04.02 -
McAfee-GW-Edition 6.7.6 2009.04.01 -
Microsoft 1.4502 2009.04.02 -
NOD32 3984 2009.04.02 -
Norman 6.00.06 2009.04.02 -
nProtect 2009.1.8.0 2009.04.02 -
Panda 10.0.0.14 2009.04.02 -
PCTools 4.4.2.0 2009.04.02 -
Prevx1 V2 2009.04.02 -
Rising 21.23.32.00 2009.04.02 -
Sophos 4.40.0 2009.04.02 -
Sunbelt 3.2.1858.2 2009.04.02 -
Symantec 1.4.4.12 2009.04.02 -
TheHacker 6.3.4.0.298 2009.04.01 -
TrendMicro 8.700.0.1004 2009.04.02 -
VBA32 3.12.10.2 2009.04.02 -
ViRobot 2009.4.2.1673 2009.04.02 Spyware.Bancos.73728
VirusBuster 4.6.5.0 2009.04.02 -
Information additionnelle
Tamano archivo: 73728 bytes
MD5...: 92bd80f82fe8a28385b7d9d3f215e8b3
SHA1..: e1ec40d4458b269d009d9c60344de3d187385290
SHA256: 5fc1b8e1cdd4d80b9818b854f70c009b7c182824e22c8eed7f524b4da2c6­0f4a
SHA512: 32a0d8551a4861f7ce40a9b4c127dfaace92eaf9d20407441714c475e1e0­110c
1225f5cc508999d832458d7e940f8711dee8853e49c1c963ffb0aaa884a9­4a2a
ssdeep: 1536:KpopZrrT/SNCS9+GP/+PbgF2rPeuJ8gVgl:F5/6V8bzJ8Fl
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x741f
timedatestamp.....: 0x4407c93f (Fri Mar 03 04:42:39 2006)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xb41e 0xc000 6.40 157423e6206e1edbcc8e6dfcdf910263
.rdata 0xd000 0x34ae 0x4000 4.59 3921bbf4266fccfda942a7943d8f10a4
.data 0x11000 0x2da4 0x1000 1.77 32fd2c6d195740195502f09e6b5b955f

( 4 imports )
> VERSION.dll: VerQueryValueA, GetFileVersionInfoSizeA, GetFileVersionInfoA
> KERNEL32.dll: GetVersion, GetCurrentProcess, GetProcAddress, LoadLibraryA, CloseHandle, GetModuleHandleA, SetPriorityClass, OpenProcess, WaitForSingleObject, TerminateProcess, GetCurrentProcessId, Sleep, WaitForMultipleObjectsEx, lstrlenA, IsBadStringPtrA, GetLastError, UnmapViewOfFile, lstrcpynA, MapViewOfFile, CreateFileMappingA, CreateFileA, ReadProcessMemory, VirtualQueryEx, GetPriorityClass, QueryPerformanceCounter, lstrcpyA, GetEnvironmentVariableA, MultiByteToWideChar, WideCharToMultiByte, GetSystemTimeAsFileTime, GetTimeFormatA, GetDateFormatA, FileTimeToSystemTime, FileTimeToLocalFileTime, GetFileTime, VerLanguageNameA, GetACP, HeapSize, SetStdHandle, SetFilePointer, ReadFile, GetSystemInfo, VirtualProtect, GetCPInfo, GetOEMCP, GetLocaleInfoA, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, GetTickCount, GetCurrentThreadId, lstrcmpiA, SetEndOfFile, HeapAlloc, ExitProcess, HeapFree, HeapReAlloc, RtlUnwind, GetCommandLineA, GetVersionExA, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, LCMapStringA, LCMapStringW, WriteFile, FlushFileBuffers, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, GetStringTypeA, GetStringTypeW, InterlockedExchange, VirtualQuery, GetModuleFileNameA, UnhandledExceptionFilter, FreeEnvironmentStringsA
> USER32.dll: GetDlgItem, SetWindowTextA, wsprintfW, GetWindowTextA, GetDesktopWindow, SendMessageA, SetForegroundWindow, GetWindow, GetWindowThreadProcessId, GetWindowLongA, CharNextExA, wsprintfA
> ADVAPI32.dll: RegQueryValueExW, RegQueryValueExA, GetSecurityDescriptorOwner

( 0 exports )
RDS...: NSRL Reference Data Set
-

Fichier eqp19501019.jpg reçu le 2009.04.02 21:20:34 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 0/40 (0%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: 4.
L'heure estimée de démarrage est entre 63 et 90 secondes.
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Formaté
Impression des résultats Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.04.02 -
AhnLab-V3 5.0.0.2 2009.04.02 -
AntiVir 7.9.0.129 2009.04.02 -
Antiy-AVL 2.0.3.1 2009.04.02 -
Authentium 5.1.2.4 2009.04.02 -
Avast 4.8.1335.0 2009.04.02 -
AVG 8.5.0.285 2009.04.02 -
BitDefender 7.2 2009.04.02 -
CAT-QuickHeal 10.00 2009.04.01 -
ClamAV 0.94.1 2009.04.02 -
Comodo 1093 2009.04.01 -
DrWeb 4.44.0.09170 2009.04.02 -
eSafe 7.0.17.0 2009.04.02 -
eTrust-Vet 31.6.6432 2009.04.02 -
F-Prot 4.4.4.56 2009.04.02 -
F-Secure 8.0.14470.0 2009.04.02 -
Fortinet 3.117.0.0 2009.04.02 -
GData 19 2009.04.02 -
Ikarus T3.1.1.49.0 2009.04.02 -
K7AntiVirus 7.10.690 2009.04.01 -
Kaspersky 7.0.0.125 2009.04.02 -
McAfee 5572 2009.04.02 -
McAfee+Artemis 5572 2009.04.02 -
McAfee-GW-Edition 6.7.6 2009.04.01 -
Microsoft 1.4502 2009.04.02 -
NOD32 3984 2009.04.02 -
Norman 6.00.06 2009.04.02 -
nProtect 2009.1.8.0 2009.04.02 -
Panda 10.0.0.14 2009.04.02 -
PCTools 4.4.2.0 2009.04.02 -
Prevx1 V2 2009.04.02 -
Rising 21.23.32.00 2009.04.02 -
Sophos 4.40.0 2009.04.02 -
Sunbelt 3.2.1858.2 2009.04.02 -
Symantec 1.4.4.12 2009.04.02 -
TheHacker 6.3.4.0.298 2009.04.01 -
TrendMicro 8.700.0.1004 2009.04.02 -
VBA32 3.12.10.2 2009.04.02 -
ViRobot 2009.4.2.1673 2009.04.02 -
VirusBuster 4.6.5.0 2009.04.02 -
Information additionnelle
File size: 48480 bytes
MD5...: b3b4e69979b80646099c74520c6d44c0
SHA1..: e04058d6786419390fad5b3a31a7ed5476ab6925
SHA256: 4c8ee1f7fd1811e4135d73c7f80d866a4dafdbc04a086d0bc840d9a02df7cd5b
SHA512: abe8fb6b3e71ea8ac7ba4e472c0e96b7ec085765cb521c671ed598355b3c2036
db62a39d2a30a7504af9e98c4683ed6f6d1aec7cb22aa49216911cfcb97fce7e
ssdeep: 768:p857uFhhL57uFhhF70ykqsFBQE9sSSNAVkvulBcbTialxfpaYpmB/TooZzD7
c8iJ:6gdgzkNZuZTvi+vgYSTomD7Fny
PEiD..: -
TrID..: File type identification
JFIF-EXIF JPEG Bitmap (32.2%)
JFIF JPEG Bitmap (25.8%)
JPEG Bitmap (19.3%)
MP3 audio (ID3 v1.x tag) (16.1%)
MP3 audio (6.4%)
PEInfo: -
RDS...: NSRL Reference Data Set


Fichier eqp19510829.jpg reçu le 2009.04.02 21:22:44 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 0/40 (0%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: ___.
L'heure estimée de démarrage est entre ___ et ___ .
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Formaté
Impression des résultats Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.04.02 -
AhnLab-V3 5.0.0.2 2009.04.02 -
AntiVir 7.9.0.129 2009.04.02 -
Antiy-AVL 2.0.3.1 2009.04.02 -
Authentium 5.1.2.4 2009.04.02 -
Avast 4.8.1335.0 2009.04.02 -
AVG 8.5.0.285 2009.04.02 -
BitDefender 7.2 2009.04.02 -
CAT-QuickHeal 10.00 2009.04.01 -
ClamAV 0.94.1 2009.04.02 -
Comodo 1093 2009.04.01 -
DrWeb 4.44.0.09170 2009.04.02 -
eSafe 7.0.17.0 2009.04.02 -
eTrust-Vet 31.6.6432 2009.04.02 -
F-Prot 4.4.4.56 2009.04.02 -
F-Secure 8.0.14470.0 2009.04.02 -
Fortinet 3.117.0.0 2009.04.02 -
GData 19 2009.04.02 -
Ikarus T3.1.1.49.0 2009.04.02 -
K7AntiVirus 7.10.690 2009.04.01 -
Kaspersky 7.0.0.125 2009.04.02 -
McAfee 5572 2009.04.02 -
McAfee+Artemis 5572 2009.04.02 -
McAfee-GW-Edition 6.7.6 2009.04.01 -
Microsoft 1.4502 2009.04.02 -
NOD32 3984 2009.04.02 -
Norman 6.00.06 2009.04.02 -
nProtect 2009.1.8.0 2009.04.02 -
Panda 10.0.0.14 2009.04.02 -
PCTools 4.4.2.0 2009.04.02 -
Prevx1 V2 2009.04.02 -
Rising 21.23.32.00 2009.04.02 -
Sophos 4.40.0 2009.04.02 -
Sunbelt 3.2.1858.2 2009.04.02 -
Symantec 1.4.4.12 2009.04.02 -
TheHacker 6.3.4.0.298 2009.04.01 -
TrendMicro 8.700.0.1004 2009.04.02 -
VBA32 3.12.10.2 2009.04.02 -
ViRobot 2009.4.2.1673 2009.04.02 -
VirusBuster 4.6.5.0 2009.04.02 -
Information additionnelle
File size: 50498 bytes
MD5...: 4f04ebb5694944f658ab2f2a1e0fcf4b
SHA1..: 6424dbb31d1e8bfa75797cc0412a837eecb62352
SHA256: 1e5da3cb94b31a6b116ab01c73b8a54dc042c83bc5c3fa0722444936b521b02b
SHA512: dac96b9c3daae8b807d0949e2e632a0c3ea2c9df0a045eaabb50bfe27df54b69
28d5439634307293de668c4cfdcbe54339399aae2b203676c776665b9bc40ac0
ssdeep: 768:su8mZ6KrG2w8mZ6KrG2u7xzDnLhpDW8fL064vyAg27LktkW0GTagNeimUIpX
kd6:53G53GNDtsl6eWnYC8XA6
PEiD..: -
TrID..: File type identification
JFIF-EXIF JPEG Bitmap (32.2%)
JFIF JPEG Bitmap (25.8%)
JPEG Bitmap (19.3%)
MP3 audio (ID3 v1.x tag) (16.1%)
MP3 audio (6.4%)
PEInfo: -
RDS...: NSRL Reference Data Set
-

Re
voila le rapport demandé
au sujet des post précédents .... est ce que les 3 fichiers que tu m'a fitscanner ... sont dangereux ? je n'ose pas les ouvrir , d'autant que je ne sais pas ce que c'est .


[ Rapport ToolsCleaner version 2.3.3 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Combofix.txt: trouvé !
C:\Qoobox: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\BOB\Bureau\ComboFix.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\BOB\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Qoobox: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

J'ai ouvert les 2 fichiers JPEG .... no pb ... j'ai reconnu les images !! ... c'était bien moi qui les avait faites !!!
par contre le pv.exe ... si je l'ouvre ....ça m'ouvre une fenêtre noire type dos ... pendant 1-2 sec ;... puis retour a Windows !!!! sa
sq'ap paremment qq chose ne se passe /////
sinon pour le "freeze" je te tiens au courant

Bsr
mon pb n'est pas résolu
le PC freeze tjrs de temps en temps ( souris inopérante pendant qqs secondes) et ce soir j'ai même eut droit à un blocage complet :
- Firefox, thunderbird et word ouverts. Je travalliais sur un fichier word et en voulant cliquer sur l'ascenseur vertical ... sablier et plus d'action possible ( possibilité de déplacer la souris ;... mais clic inopérant). j'ai ouvert le gestionnaire de progr : UC utilisée à 100% ... et dans les processus ... tous à 0% sauf word à 99%. J'ai fermé thunderbird et fiirefox par "fin de tache" ;... rien de changé. j'ai été obligé de faire "fin de tache" pour word également .... ce qui a tout débloqué : UC utiisée à 0 % et souris opérationnelle. J'ai réouvert word ... et m^rmr pb !!!
Est ce que ça peut venir de Word ? c'est une version crackée ... mais depuis qqs années que je l'ai ... je n'ai jamais eut de pb !!!
faut il la désinstaller et la réinstaller ?
slt

Une précision
les freeze passagers (quelques secondes) se produisent même si word n'est pas ouvert
les symptômes : plus d'action de clic avec la souris ;... mais par contre possibilité de la déplacer !!!!
pourrait t'il s'agir d'un pb de souris ou de pilote de la souris ?

Bsr
c'est une souris filaire donc pas de pile .... par contre j'ai contrôlé que j'avais bien le dernier pilote à jour ... c'est bon !
Et élément nouveau qui, à mon avis, élimine un pb de souris, c'est que pendant les "freeze" .... le clavier est également inactif !!
Et l'UC étant utilisée à 100% ..... ça pourrait être un pb de hard ?
slt
si qqun a une idée de piste de recherche ?