
PC infected, HijackThis report

Last reply on 6 Sep 2009 at 17:39:55. idriss, 15 Aug 2009 at 21:34:49

Hello,
For some time now my PC keeps crashing and I don't know what to do, please help me. I'm posting the HijackThis report right away.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:34:14, on 15/08/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\Users\Lefeve Catherine\Downloads\Lefeve Catherine.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=vp32&d=1006&m=aspire_x3200
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WarReg_PopUp] "C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eScan Install-checker] C:\Windows\system32\eInstall.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Eset HTTP Server (EHttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: eScan Management-Console (eScan-eServ) - MWTI2 - C:\PROGRA~1\eScan\TRAYESER.EXE
O23 - Service: eScan Server-Updater (eScan-trayicos) - MicroWorld Technologies Inc. - C:\PROGRA~1\eScan\TRAYSSER.EXE
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\bin32\nSvcAppFlt.exe
O23 - Service: Service Google Update (gupdate1c9a0149615d04d) (gupdate1c9a0149615d04d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\Program Files\Common Files\MicroWorld\Agent\MWASER.EXE
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\bin32\nSvcIp.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\Windows\system32\UAService7.exe
End of file - 8951 bytes

Configuration: Windows Vista
Firefox 3.0.13
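Reading a HijackThis log by hand is the point of this thread, so here is an added triage helper (my own example, not part of the original post and not code from Trend Micro or HijackThis) that applies the checks a helper runs over such a log: processes launched from user-writable or temp directories, orphaned `O2` BHOs with `(no file)`, `O4` autostarts whose command has no absolute path, `O10` LSP entries HijackThis does not recognise, `O16` ActiveX downloads from non-Microsoft hosts, and `O23` services with no vendor string. The heuristics are assumptions for illustration and only select lines for review; they are not malware verdicts. One caveat this log itself demonstrates: `c:\Users\Lefeve Catherine\Downloads\Lefeve Catherine.exe` is the renamed HijackThis executable (the scan is saved from it, and the second log shows it copied under `C:\Program Files\trend micro\` by RSIT), so a hit on the Downloads rule means "identify the file", not "infected". The sample input is an excerpt assembled from the log posted above.

```python
"""Triage helper for HijackThis v2.0.x log lines.

Added example; not code from the forum thread, Trend Micro or RSIT.
The rules are the editor's own heuristics and only select entries for
manual review. They are not verdicts.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Section prefixes HijackThis emits: R0-R3 and O1-O24. Other lines are passed through.
LINE_RE = re.compile(r"^(?P<sec>R[0-3]|O\d{1,2}) - (?P<body>.*)$")

# Paths that any user can write to. Malware drops here, but so does a tool the
# user ran from Downloads (a renamed HijackThis, RSIT), hence "review", not "bad".
USER_WRITABLE = re.compile(
    r"\\(users|documents and settings)\\[^\\]+\\(downloads|appdata|local settings|temp)", re.I)
TEMP_DIR = re.compile(r"\\(windows\\temp|temp)\\", re.I)

# Hosts treated as first-party for O16 (ActiveX download) entries. Assumption.
FIRST_PARTY_SUFFIXES = (".microsoft.com", ".msn.com")


@dataclass
class Finding:
    line: str
    reason: str


@dataclass
class Report:
    processes: List[str] = field(default_factory=list)
    findings: List[Finding] = field(default_factory=list)


def _flag_process(path: str) -> Optional[str]:
    if USER_WRITABLE.search(path) or TEMP_DIR.search(path):
        return "process running from a user-writable or temp directory; identify the binary"
    return None


def _flag_entry(sec: str, body: str) -> Optional[str]:
    if sec == "O2" and body.endswith("(no file)"):
        return "orphaned BHO: CLSID registered but the DLL is gone"
    if sec == "O4":
        # Formats seen in the log:  HKLM\..\Run: [name] cmd   and
        # Global Startup: shortcut.lnk = target
        value = body.split(": ", 1)[-1]
        if "] " in value:
            cmd = value.split("] ", 1)[1]
        elif " = " in value:
            cmd = value.split(" = ", 1)[1]
        else:
            cmd = value
        absolute = cmd.startswith('"') or re.match(r"^[A-Za-z]:\\", cmd) is not None
        if not absolute and not cmd.upper().startswith("RUNDLL32"):
            return "Run entry without an absolute path: resolved via the search path"
        if USER_WRITABLE.search(cmd) or TEMP_DIR.search(cmd):
            return "autostart from a user-writable or temp directory"
    if sec == "O10" and body.startswith("Unknown file in Winsock LSP"):
        return "Winsock LSP not in HijackThis' known list; identify the DLL's vendor"
    if sec == "O16":
        m = re.search(r"https?://([^/]+)/", body)
        if m and not m.group(1).endswith(FIRST_PARTY_SUFFIXES):
            return f"ActiveX download (DPF) from third-party host {m.group(1)}; confirm it was deliberate"
    if sec == "O23" and "Unknown owner" in body:
        return "service without a vendor string; check the binary's signature"
    return None


def triage(log_text: str) -> Report:
    """Walk a HijackThis log and collect processes plus flagged entries."""
    report = Report()
    in_procs = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            in_procs = False          # the process list ends at the first blank line
            continue
        if line == "Running processes:":
            in_procs = True
            continue
        if in_procs:
            report.processes.append(line)
            reason = _flag_process(line)
            if reason:
                report.findings.append(Finding(line, reason))
            continue
        m = LINE_RE.match(line)
        if m:
            reason = _flag_entry(m.group("sec"), m.group("body"))
            if reason:
                report.findings.append(Finding(line, reason))
    return report


# Constructed excerpt of the log posted above (a handful of representative lines).
SAMPLE_LOG = r"""
Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
c:\Users\Lefeve Catherine\Downloads\Lefeve Catherine.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG).findings:
        print(f"[{f.reason}]\n    {f.line}")
```

Run on the excerpt it selects six lines: the executable in Downloads, the `(no file)` BHO, the bare `RtHDVCpl.exe` Run value, the `nvlsp.dll` LSP, the Panda ActiveScan control and the PnkBstrA service. All six have benign explanations on this particular machine (renamed HijackThis, a stale registration, a Realtek audio tray, NVIDIA's ForceWare firewall LSP, an online scanner the user ran, PunkBuster), which is exactly why a tool like this ranks lines for a human rather than pronouncing them clean or infected.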


1

eZula, 15 Aug 2009 at 21:38:13

Hello,

download GenProc http://www.genproc.com/GenProc.exe

double-click GenProc.exe and post the contents of the report that opens

2

archet9, 15 Aug 2009 at 21:40:36

Good evening, idriss
Apologies, eZula.....

==> Edit!
see you

If that's your only problem!... be happy!.....

3

idriss, 15 Aug 2009 at 21:53:10

Hi, thanks for replying so quickly

The log.txt:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lefeve Catherine at 2009-08-15 21:51:26
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 42 GB (29%) free of 144 GB
Total RAM: 2814 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:51:53, on 15/08/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Lefeve Catherine\Downloads\RSIT(3).exe
C:\Program Files\trend micro\Lefeve Catherine.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WarReg_PopUp] "C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eScan Install-checker] C:\Windows\system32\eInstall.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Eset HTTP Server (EHttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: eScan Management-Console (eScan-eServ) - MWTI2 - C:\PROGRA~1\eScan\TRAYESER.EXE
O23 - Service: eScan Server-Updater (eScan-trayicos) - MicroWorld Technologies Inc. - C:\PROGRA~1\eScan\TRAYSSER.EXE
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\bin32\nSvcAppFlt.exe
O23 - Service: Service Google Update (gupdate1c9a0149615d04d) (gupdate1c9a0149615d04d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\Program Files\Common Files\MicroWorld\Agent\MWASER.EXE
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\bin32\nSvcIp.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\Windows\system32\UAService7.exe
End of file - 9021 bytes

======Scheduled tasks folder======

C:\Windows\tasks\eScan Update-Server.job
C:\Windows\tasks\eScan Updater.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\MailScan Dispatcher.job
C:\Windows\tasks\NSSstub.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-27 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-07-27 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-07-27 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-27 256112]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-02-20 1443072]
"WarReg_PopUp"=C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-03-26 5369856]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-05-17 68592]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-28 13687328]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-28 92704]
"eScan Install-checker"=C:\Windows\system32\eInstall.exe [2005-01-24 508928]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-04-29 188728]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-25 39408]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2009-07-27 1644784]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"Steam"=c:\program files\steam\steam.exe [2009-07-19 1217784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe [2008-04-25 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-25 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-04 526896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmpoweringTechnology]
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe [2008-04-25 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\filehippo.com]
C:\Program Files\filehippo.com\UpdateChecker.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2009-03-28 13687328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\Windows\system32\NvMcTray.dll [2009-03-28 92704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMMediaSharing]
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2008-01-25 204908]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Wireless Configuration Utility.lnk - C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SynchronousMachineGroupPolicy"=0
"SynchronousUserGroupPolicy"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoViewContextMenu"=0
"NoWinKeys"=0
"NoDriveAutoRun"=FFFFFFFF
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"NoLogOff"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"
"C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWAGENT.EXE"="C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWAGENT.EXE:*:Enabled:MicroWorld Management Agent"
"C:\PROGRA~1\eScan\DOWNLOAD.EXE"="C:\PROGRA~1\eScan\DOWNLOAD.EXE:*:Enabled:eScan Update Downloader"
"C:\PROGRA~1\COMMON~1\MICROW~1\eScanRAD\ESCANRAD.EXE"="C:\PROGRA~1\COMMON~1\MICROW~1\eScanRAD\ESCANRAD.EXE:*:Enabled:eScan Remote Administration Tool"
"C:\PROGRA~1\eScan\TRAYICOS.EXE"="C:\PROGRA~1\eScan\TRAYICOS.EXE:*:Enabled:eScan Server Updater"
"C:\PROGRA~1\eScan\ESERV.EXE"="C:\PROGRA~1\eScan\ESERV.EXE:*:Enabled:eScan Management Console"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-08-15 21:43:25 ----SHD---- C:\Config.Msi
2009-08-15 21:41:01 ----D---- C:\Windows\LastGood
2009-08-15 21:16:43 ----A---- C:\Windows\system32\atl.dll
2009-08-15 21:16:38 ----A---- C:\Windows\system32\wkssvc.dll
2009-08-15 21:16:14 ----A---- C:\Windows\system32\mstscax.dll
2009-08-15 21:15:48 ----A---- C:\Windows\system32\avifil32.dll
2009-08-15 21:15:23 ----A---- C:\Windows\system32\kerberos.dll
2009-08-15 21:15:22 ----A---- C:\Windows\system32\wdigest.dll
2009-08-15 21:15:22 ----A---- C:\Windows\system32\msv1_0.dll
2009-08-15 21:15:21 ----A---- C:\Windows\system32\schannel.dll
2009-08-15 21:15:20 ----A---- C:\Windows\system32\lsasrv.dll
2009-08-15 21:15:19 ----A---- C:\Windows\system32\secur32.dll
2009-08-15 21:15:19 ----A---- C:\Windows\system32\lsass.exe
2009-08-15 21:14:43 ----A---- C:\Windows\system32\wmp.dll
2009-08-15 21:14:41 ----A---- C:\Windows\system32\wmpdxm.dll
2009-08-15 21:14:40 ----A---- C:\Windows\system32\dxmasf.dll
2009-08-15 21:14:39 ----A---- C:\Windows\system32\spwmp.dll
2009-08-15 21:14:38 ----A---- C:\Windows\system32\wmploc.DLL
2009-08-15 20:55:01 ----D---- C:\Program Files\Microsoft Sync Framework
2009-08-14 20:29:15 ----D---- C:\ProgramData\NOS
2009-08-14 20:29:15 ----D---- C:\Program Files\NOS
2009-08-07 00:46:59 ----A---- C:\Windows\system32\javaws.exe
2009-08-07 00:46:59 ----A---- C:\Windows\system32\javaw.exe
2009-08-07 00:46:59 ----A---- C:\Windows\system32\java.exe
2009-07-29 20:51:07 ----D---- C:\ProgramData\Yahoo! Companion
2009-07-29 12:53:07 ----A---- C:\Windows\system32\mshtml.dll
2009-07-29 12:53:03 ----A---- C:\Windows\system32\ieframe.dll
2009-07-29 12:53:02 ----A---- C:\Windows\system32\iertutil.dll
2009-07-29 12:53:01 ----A---- C:\Windows\system32\urlmon.dll
2009-07-29 12:53:00 ----A---- C:\Windows\system32\wininet.dll
2009-07-29 12:53:00 ----A---- C:\Windows\system32\occache.dll
2009-07-29 12:53:00 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-29 12:52:59 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-29 12:52:58 ----A---- C:\Windows\system32\ieui.dll
2009-07-29 12:52:58 ----A---- C:\Windows\system32\iepeers.dll
2009-07-29 12:52:57 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-07-29 12:52:57 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-29 12:52:57 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-29 12:52:57 ----A---- C:\Windows\system32\iesysprep.dll
2009-07-29 12:52:57 ----A---- C:\Windows\system32\ie4uinit.exe
2009-07-29 12:52:56 ----A---- C:\Windows\system32\msfeedssync.exe
2009-07-29 12:52:56 ----A---- C:\Windows\system32\iesetup.dll
2009-07-29 12:52:56 ----A---- C:\Windows\system32\iernonce.dll
2009-07-25 15:43:52 ----D---- C:\Users\Lefeve Catherine\AppData\Roaming\FUEL Demo
2009-07-25 15:43:37 ----A---- C:\Windows\system32\D3DX9_39.dll
2009-07-25 00:17:12 ----A---- C:\Windows\system32\d3dx10_41.dll
2009-07-25 00:17:12 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2009-07-25 00:17:11 ----A---- C:\Windows\system32\D3DX9_41.dll
2009-07-25 00:17:10 ----A---- C:\Windows\system32\XAudio2_4.dll
2009-07-25 00:17:10 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2009-07-25 00:17:10 ----A---- C:\Windows\system32\xactengine3_4.dll
2009-07-25 00:17:09 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2009-07-25 00:17:08 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-07-25 00:17:08 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-07-25 00:17:08 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2009-07-20 20:02:05 ----D---- C:\rsit
2009-07-19 16:39:30 ----D---- C:\Program Files\LibUSB-Win32-0.1.10.1
2009-07-19 16:39:30 ----A---- C:\Windows\system32\libusb0.dll
2009-07-19 15:01:50 ----D---- C:\Program Files\Common Files\Steam
2009-07-17 19:38:26 ----A---- C:\Windows\system32\pbsvc.exe
2009-07-17 19:29:17 ----D---- C:\Program Files\EA Games

======List of files/folders modified in the last 1 months======

2009-08-15 21:51:40 ----D---- C:\Windows\Temp
2009-08-15 21:51:38 ----D---- C:\Program Files\trend micro
2009-08-15 21:49:57 ----SHD---- C:\Windows\Installer
2009-08-15 21:49:56 ----D---- C:\Windows\winsxs
2009-08-15 21:49:30 ----D---- C:\Windows\System32
2009-08-15 21:46:21 ----SHD---- C:\System Volume Information
2009-08-15 21:45:28 ----D---- C:\Windows\system32\catroot
2009-08-15 21:45:09 ----D---- C:\ProgramData\WLInstaller
2009-08-15 21:43:43 ----RD---- C:\Program Files
2009-08-15 21:41:01 ----D---- C:\Windows\inf
2009-08-15 21:41:01 ----D---- C:\Windows
2009-08-15 21:29:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-08-15 21:27:04 ----D---- C:\Program Files\Steam
2009-08-15 21:26:06 ----D---- C:\Windows\system32\LogFiles
2009-08-15 21:26:04 ----D---- C:\Windows\Debug
2009-08-15 21:25:11 ----D---- C:\Windows\Tasks
2009-08-15 21:25:11 ----D---- C:\Windows\system32\Tasks
2009-08-15 21:22:56 ----D---- C:\Program Files\eScan
2009-08-15 21:22:56 ----A---- C:\Windows\win.ini
2009-08-15 21:20:40 ----D---- C:\Windows\system32\drivers
2009-08-15 21:20:39 ----D---- C:\Program Files\Windows Media Player
2009-08-15 21:19:22 ----D---- C:\Windows\system32\catroot2
2009-08-15 21:19:13 ----D---- C:\Program Files\Windows Mail
2009-08-15 21:08:08 ----D---- C:\ProgramData\Google Updater
2009-08-15 21:05:40 ----D---- C:\Program Files\Common Files\microsoft shared
2009-08-15 21:05:38 ----D---- C:\Windows\system32\Msdtc
2009-08-15 21:05:32 ----D---- C:\Windows\system32\wbem
2009-08-15 21:04:53 ----D---- C:\Windows\system32\config
2009-08-15 21:04:34 ----D---- C:\Windows\system32\spool
2009-08-15 21:04:34 ----D---- C:\Windows\system32\CodeIntegrity
2009-08-15 21:04:24 ----D---- C:\Windows\registration
2009-08-15 20:55:29 ----DC---- C:\Windows\system32\DRVSTORE
2009-08-15 20:55:28 ----D---- C:\Program Files\Windows Live
2009-08-15 20:54:51 ----SD---- C:\ProgramData\Microsoft
2009-08-15 20:51:15 ----D---- C:\Program Files\Microsoft Silverlight
2009-08-15 16:21:11 ----D---- C:\Windows\Prefetch
2009-08-14 20:29:15 ----HD---- C:\ProgramData
2009-08-14 14:41:14 ----D---- C:\Windows\Minidump
2009-08-12 15:28:03 ----D---- C:\Program Files\Mozilla Firefox
2009-08-11 22:09:47 ----A---- C:\Windows\system32\PnkBstrB.exe
2009-08-07 01:39:44 ----RSD---- C:\Windows\assembly
2009-08-07 00:46:52 ----D---- C:\Program Files\Java
2009-07-30 02:49:14 ----A---- C:\Windows\system32\mrt.exe
2009-07-29 23:32:36 ----D---- C:\Windows\system32\migration
2009-07-29 23:32:35 ----D---- C:\Program Files\Internet Explorer
2009-07-29 20:51:04 ----D---- C:\Program Files\Yahoo!
2009-07-25 05:23:00 ----A---- C:\Windows\system32\deploytk.dll
2009-07-20 12:24:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-19 15:01:50 ----D---- C:\Program Files\Common Files
2009-07-19 13:19:52 ----D---- C:\Users\Lefeve Catherine\AppData\Roaming\SystemRequirementsLab
2009-07-19 02:12:54 ----A---- C:\TCleaner.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2008-02-20 29704]
R1 epfwtdir;epfwtdir; C:\Windows\system32\DRIVERS\epfwtdir.sys [2008-02-20 33800]
R1 KLIF;KLIF; C:\Windows\system32\DRIVERS\klif.sys [2007-03-16 119576]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2008-02-20 39944]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-04-25 15392]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-03-26 2103512]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-04-22 43552]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-03-28 7738816]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-10-12 13312]
R3 RTL8187B;TRENDnet TEW-424UB 54M USB Dongle; C:\Windows\system32\DRIVERS\RTL8187B.sys [2007-07-19 281088]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-03-26 64000]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 athrusb6;Atheros Wireless LAN USB device driver 6 Series; C:\Windows\system32\DRIVERS\athru6.sys [2007-05-16 871936]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101632]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\Windows\system32\drivers\libusb0.sys [2005-03-09 33792]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lvusbsta.sys [2005-01-31 22016]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-01-01 47360]
S3 PID_0920;Logitech QuickCam Express(PID_0920); C:\Windows\system32\DRIVERS\LV532AV.SYS [2005-01-31 163328]
S3 TSP;TSP; \??\C:\Windows\system32\drivers\klif.sys [2007-03-16 119576]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 XPADFL02;XPAD Filter Service 02; C:\Windows\system32\DRIVERS\xpadfl02.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-25 269448]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-02-20 472320]
R2 eScan-eServ;eScan Management-Console; C:\PROGRA~1\eScan\TRAYESER.EXE [2007-04-17 49664]
R2 eScan-trayicos;eScan Server-Updater; C:\PROGRA~1\eScan\TRAYSSER.EXE [2007-04-17 50688]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-04-25 24576]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\bin32\nSvcAppFlt.exe [2008-01-29 598016]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MWAgent;MWAgent; C:\Program Files\Common Files\MicroWorld\Agent\MWASER.EXE [2007-04-07 414208]
R2 nSvcIp;ForceWare IP service; C:\Program Files\bin32\nSvcIp.exe [2008-01-29 163840]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-28 207392]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-07-05 75064]
R2 UserAccess7;SecuROM User Access Service (V7); C:\Windows\system32\UAService7.exe [2009-05-21 122880]
R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-08-12 312568]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
R3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S2 gupdate1c9a0149615d04d;Service Google Update (gupdate1c9a0149615d04d); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-08 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 183280]
S3 EHttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-02-20 19200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-21 21504]

-----------------EOF-----------------

4

idriss, 15 Aug 2009 at 22:02:14

eZula, here is what you asked me for

GenProc report 2.615 [1] - 15/08/2009 at 21:58:14
@ Windows Vista Service Pack 2 - Normal mode
@ Mozilla Firefox (3.0.13) [Default browser]

~~ CM DISK ERROR ~~

GenProc detected no characteristic infection and suggests following this procedure:

Post a NanoScan report http://www.micro-astuce.com/securite/NanoScan-Panda

~~~~ ADDITIONAL INFORMATION ~~~~


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:00:16, on 15/08/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Genproc\outil\Lefeve Catherine_GenProc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WarReg_PopUp] "C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eScan Install-checker] C:\Windows\system32\eInstall.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Eset HTTP Server (EHttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: eScan Management-Console (eScan-eServ) - MWTI2 - C:\PROGRA~1\eScan\TRAYESER.EXE
O23 - Service: eScan Server-Updater (eScan-trayicos) - MicroWorld Technologies Inc. - C:\PROGRA~1\eScan\TRAYSSER.EXE
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\bin32\nSvcAppFlt.exe
O23 - Service: Service Google Update (gupdate1c9a0149615d04d) (gupdate1c9a0149615d04d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\Program Files\Common Files\MicroWorld\Agent\MWASER.EXE
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\bin32\nSvcIp.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\Windows\system32\UAService7.exe
End of file - 9062 bytes

----------------------------------------------------------------------
Official GenProc sites: www.alt-shift-return.org and www.genproc.com
----------------------------------------------------------------------

~~ End at 22:00:30 ~~
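
Added example, not part of this thread nor of HijackThis or RSIT: the checks the helpers above apply by eye to the RSIT driver list (post 3) and to the HijackThis log embedded in the GenProc report (post 4), written as a small Python triage script. It flags an O2 BHO whose file is missing (the `(no name)` / `(no file)` entry), an O10 Winsock LSP that HijackThis could not identify, an O23 service with no publisher, O4 autoruns and running processes outside Windows or Program Files, an RSIT driver with no file date/size recorded (`XPADFL02`), and one driver image registered under two service names (`klif.sys` as both `KLIF` and `TSP`). The sample lines are copied from the logs posted here; the two lines naming a user `alice` are constructed so that a positive O4 and process case is present. Every hit is a lead to verify against the vendor and the file's signature, not a verdict: HijackThis prints `Unknown owner` when a file carries no company name in its version information, which many legitimate components lack.

```python
"""Triage rules for HijackThis and RSIT log lines: an added example, not part
of either tool or of this thread. Hits are leads to verify, not verdicts."""
import re
from collections import defaultdict

# Autoruns and processes are normally expected under these roots.
TRUSTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
# First drive-rooted image path in a line, quoted or unquoted.
PATH_RE = re.compile(
    r'"([a-z]:\\[^"]+)"|([a-z]:\\.+?\.(?:exe|dll|sys|com))(?=[\s,"]|$)', re.I)
O2_RE = re.compile(r'^O2 - BHO: (.*?) - (\{[0-9a-f-]+\}) - (.*)$', re.I)
O23_RE = re.compile(r'^O23 - Service: (.*?) - (.*?) - ([a-z]:\\.*)$', re.I)
# RSIT driver/service list line: "<R|S><start> name;display; path [date size]"
RSIT_RE = re.compile(r'^[RS][0-4] ([^;]+);[^;]*; (.+?) \[(.*)\]$')


def outside_trusted(path):
    return not path.lower().startswith(TRUSTED_ROOTS)


def triage(lines):
    """Return (reason, detail) pairs, in log order, for lines worth a look."""
    findings, lsp_seen = [], set()
    images = defaultdict(set)  # normalised driver image path -> service names
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        m = O2_RE.match(line)
        if m:
            _name, clsid, target = m.groups()
            if target.lower() == "(no file)":
                findings.append(("O2 BHO registered but file missing", clsid))
            elif outside_trusted(target):
                findings.append(("O2 BHO loaded from unusual location", target))
            continue
        m = O23_RE.match(line)
        if m:
            _name, owner, path = m.groups()
            if owner.lower() == "unknown owner":
                findings.append(("O23 service without a publisher", path))
            continue
        if line.startswith("O10 - Unknown file in Winsock LSP: "):
            path = line.split(": ", 1)[1].lower()
            if path not in lsp_seen:  # HijackThis prints one line per LSP layer
                lsp_seen.add(path)
                findings.append(("O10 unknown Winsock LSP", path))
            continue
        if line.startswith("O4 - "):
            m = PATH_RE.search(line[5:])
            path = (m.group(1) or m.group(2)).strip() if m else None
            if path is None:  # bare image name, resolved through the search path
                findings.append(("O4 autorun without a full path", line[5:]))
            elif outside_trusted(path):
                findings.append(("O4 autorun outside Windows/Program Files", path))
            continue
        m = RSIT_RE.match(line)
        if m:
            name, path, fileinfo = m.groups()
            path = re.sub(r'^\\\?\?\\', '', path).lower()  # drop the \??\ prefix
            images[path].add(name)
            if not fileinfo:
                findings.append(("Driver with no file date/size recorded", name))
            continue
        if re.match(r'^[a-z]:\\', line, re.I) and outside_trusted(line):
            findings.append(("Process running outside Windows/Program Files", line))
    for path, names in images.items():
        if len(names) > 1:
            findings.append(("One driver image under several service names",
                             path + " <- " + ", ".join(sorted(names))))
    return findings


# Sample input: lines copied from the RSIT and HijackThis logs posted in this
# thread; the two lines naming a user "alice" are constructed positives.
SAMPLE_LOG = r"""
R1 KLIF;KLIF; C:\Windows\system32\DRIVERS\klif.sys [2007-03-16 119576]
S3 TSP;TSP; \??\C:\Windows\system32\drivers\klif.sys [2007-03-16 119576]
S3 XPADFL02;XPAD Filter Service 02; C:\Windows\system32\DRIVERS\xpadfl02.sys []
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Genproc\outil\Lefeve Catherine_GenProc.exe
C:\Users\alice\AppData\Local\Temp\svchost.exe
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [updater] C:\Users\alice\AppData\Roaming\updater.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
"""

if __name__ == "__main__":
    for reason, detail in triage(SAMPLE_LOG.splitlines()):
        print(f"{reason}: {detail}")
```

Run as is, it prints the nine findings for the sample. To triage a real report, pass its lines to `triage()`; these tools write ANSI text, so open the file with the machine's code page (typically cp1252 on a Western European Windows install) rather than UTF-8. The O10 de-duplication matters because HijackThis prints the same LSP once per protocol layer, which is why `nvlsp.dll` appears four times in the log above.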

5

archet9, 15 Aug 2009 at 22:04:24

Please do this:
download GenProc http://www.genproc.com/GenProc.exe

See you
If that's your only problem !° !°!°... be happy !².....

6

eZula, 15 Aug 2009 at 22:23:53

I would suggest the NanoScan scan that GenProc proposes, to dig around a bit more (although I have a rough idea of the problem).

7

idriss, 16 Aug 2009 at 00:37:25

OK, I'll do that tomorrow; right now I'm going to bed. Please be here tomorrow, thanks, good night.

8

idriss, 16 Aug 2009 at 18:52:18

Hello, here is the report:

Trj/CI.A Virus
Latent
1. C:\Users\Lefeve Catherine\Downloads\jaCombo.exe

Low risk level (1)
Application/Ps... Monitoring application
Latent
Not disinfectable
1. C:\Users\Lefeve Catherine\Downloads\jaCombo.exe[32788R22FWJFW\psexec.cfexe]

Suspicious files (3)
C:\Users\Lefeve Catherine\Downloads\mvc.zip[setup.exe]
C:\Program Files\eScan\MWAVSCAN.EXE
C:\Program Files\eScan\MWAVSCAN.COM

9

eZula, 16 Aug 2009 at 19:18:40

What do you use jaCombo.exe for?
Otherwise, don't you get pop-up ads or unwanted redirects?

Describe your problem in a bit more detail.

10

idriss, 16 Aug 2009 at 19:30:06

Good question about jaCombo... And the problems are that my computer keeps bugging out: it stops responding, web pages load very slowly, and I don't get unwanted redirects, but when I use IE and open a new tab, a page with the "lost" search engine opens even though I don't know that search engine. There you go, I hope you more or less understood my problem.

11

eZula, 16 Aug 2009 at 19:34:39

As for lost, we'll come back to it later; it's annoying, but it's secondary.
Download this file to your desktop and run it: http://www2.gmer.net/catchme.exe
A report will be generated on the desktop; post it when it's finished.

12

idriss, 16 Aug 2009 at 19:45:38

Disk not found C:\

please note that you need administrator rights to perform deep scan
disk not found C:\

please note that you need administrator rights to perform deep scan
disk not found C:\

please note that you need administrator rights to perform deep scan

13

eZula, 16 Aug 2009 at 20:44:07

OK. Download ComboFix (sUBs) http://download.bleepingcomputer.com/sUBs/ComboFix.exe to your Desktop.
Double-click combofix.exe and follow the instructions.
Install the Recovery Console if offered and continue.
When the scan is complete, a report will appear. Copy/paste that report in your next reply.

NOTE: The report can also be found here: C:\Combofix.txt

14

idriss, 17 Aug 2009 at 00:57:09

Hello, here is the report

ComboFix 09-08-10.06 - Lefeve Catherine 17/08/2009 0:30.3.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2814.1859 [GMT 2:00]
Running from: c:\users\Lefeve Catherine\Downloads\ComboFix.exe
AV: eScan Virus Control (VC) for Windows *On-access scanning disabled* (Updated) {E25EE26A-7512-411E-BAF6-D9AFA504A475}
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: eScan Virus Control (VC) for Windows *disabled* (Outdated) {E25EE26A-7512-411E-BAF6-D9AFA504A475}
SP: ESET NOD32 Antivirus 3.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2760852498-2543259003-1422614318-1000
c:\$recycle.bin\S-1-5-21-361662847-2979653976-3885516880-500
c:\users\Lefeve Catherine\AppData\Roaming\.#
c:\windows\Installer\1ec4a9.msi
c:\windows\patchw32.dll
c:\windows\regedit.com
c:\windows\system32\taskmgr.com


.
((((((((((((((((((((((((( Files Created from 2009-07-16 to 2009-08-16 )))))))))))))))))))))))))))))))
.

2009-08-16 22:48 . 2009-08-16 22:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-15 20:56 . 2009-08-15 20:56 -------- d-----w- c:\program files\Panda Security
2009-08-15 19:58 . 2009-08-15 19:58 -------- d-----w- C:\Genproc
2009-08-15 19:16 . 2009-07-17 13:54 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-15 19:16 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-15 19:16 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-15 19:15 . 2009-06-10 11:38 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-15 19:15 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-08-15 19:15 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-15 19:15 . 2009-06-15 14:53 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-15 19:15 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2009-08-15 19:15 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-15 19:15 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-15 19:15 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-15 19:15 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-15 19:14 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-15 19:14 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-15 19:14 . 2009-07-15 12:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-15 19:14 . 2009-07-15 12:40 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-08-15 18:55 . 2009-08-15 18:55 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-08-14 18:29 . 2009-08-14 19:32 -------- d-----w- c:\programdata\NOS
2009-08-14 18:29 . 2009-08-14 19:32 -------- d-----w- c:\program files\NOS
2009-07-29 18:51 . 2009-07-29 18:54 -------- d-----w- c:\programdata\Yahoo! Companion
2009-07-29 10:53 . 2009-07-21 21:52 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-29 10:52 . 2009-07-21 21:47 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-29 10:52 . 2009-07-21 20:13 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-29 10:52 . 2009-07-21 21:47 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-25 13:43 . 2009-07-25 13:44 -------- d-----w- c:\users\Lefeve Catherine\AppData\Roaming\FUEL Demo
2009-07-25 13:43 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2009-07-24 22:17 . 2009-03-09 13:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-07-24 22:17 . 2009-03-09 13:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-07-24 22:17 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-07-24 22:17 . 2009-03-16 12:18 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-07-24 22:17 . 2009-03-16 12:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-07-24 22:17 . 2009-03-16 12:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-07-24 22:17 . 2009-03-16 12:18 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2009-07-24 22:17 . 2008-10-15 04:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-07-24 22:17 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-07-24 22:17 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2009-07-20 18:02 . 2009-07-20 18:02 -------- d-----w- C:\rsit
2009-07-19 14:39 . 2009-07-19 15:11 -------- d-----w- c:\program files\LibUSB-Win32-0.1.10.1
2009-07-19 14:39 . 2005-03-09 18:50 33792 ----a-w- c:\windows\system32\drivers\libusb0.sys
2009-07-19 14:39 . 2005-03-09 18:50 46592 ----a-w- c:\windows\system32\libusb0.dll
2009-07-19 13:01 . 2009-08-15 19:09 -------- d-----w- c:\program files\Common Files\Steam

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-16 22:48 . 2009-06-23 14:08 79371296 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-08-16 22:48 . 2008-01-21 08:40 49234 ----a-w- c:\windows\system32\perfh00C.dat
2009-08-16 22:48 . 2008-01-21 08:40 11514 ----a-w- c:\windows\system32\perfc00C.dat
2009-08-16 18:23 . 2009-05-02 17:39 -------- d-----w- c:\program files\Steam
2009-08-16 18:08 . 2009-06-23 13:45 -------- d-----w- c:\program files\eScan
2009-08-16 17:49 . 2009-06-23 14:08 1064252 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-08-15 22:33 . 2009-03-01 12:59 9052 ----a-w- c:\users\Lefeve Catherine\AppData\Local\d3d9caps.dat
2009-08-15 19:54 . 2009-05-05 18:12 -------- d-----w- c:\program files\trend micro
2009-08-15 19:45 . 2009-05-25 23:18 -------- d-----w- c:\programdata\WLInstaller
2009-08-15 19:19 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-15 19:08 . 2009-01-25 20:56 -------- d-----w- c:\programdata\Google Updater
2009-08-15 18:55 . 2008-12-26 20:23 -------- d-----w- c:\program files\Windows Live
2009-08-15 18:51 . 2009-01-24 13:42 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-11 20:09 . 2009-06-03 16:02 137544 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-11 20:09 . 2009-06-03 16:02 189480 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-08-10 18:21 . 2009-06-03 16:02 22328 ----a-w- c:\users\Lefeve Catherine\AppData\Roaming\PnkBstrK.sys
2009-08-10 18:21 . 2009-06-03 16:02 22328 ----a-w- c:\users\Lefeve Catherine\AppData\Roaming\PnkBstrK.sys
2009-08-10 18:21 . 2009-07-17 17:38 2506752 ----a-w- c:\windows\system32\pbsvc.exe
2009-08-06 22:46 . 2009-07-13 12:03 -------- d-----w- c:\program files\Java
2009-07-29 18:51 . 2009-05-08 00:39 -------- d-----w- c:\program files\Yahoo!
2009-07-25 03:23 . 2009-01-30 23:38 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-20 10:24 . 2009-04-02 16:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-20 10:24 . 2009-04-09 10:22 3775176 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-07-19 11:19 . 2009-07-14 17:54 -------- d-----w- c:\users\Lefeve Catherine\AppData\Roaming\SystemRequirementsLab
2009-07-17 17:29 . 2009-07-17 17:29 -------- d-----w- c:\program files\EA Games
2009-07-14 17:54 . 2009-05-30 12:19 -------- d-----w- c:\program files\SystemRequirementsLab
2009-07-14 17:54 . 2009-07-14 17:54 207872 ----a-w- c:\users\Lefeve Catherine\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4.dll
2009-07-14 17:54 . 2009-07-14 17:54 207872 ----a-w- c:\users\Lefeve Catherine\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_3.dll
2009-07-14 17:54 . 2009-07-14 17:54 207872 ----a-w- c:\users\Lefeve Catherine\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_2.dll
2009-07-14 17:54 . 2009-07-14 17:54 207872 ----a-w- c:\users\Lefeve Catherine\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_1.dll
2009-07-13 11:36 . 2009-04-02 16:31 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-13 11:36 . 2009-04-02 16:31 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-13 00:23 . 2009-07-13 00:20 16938150 ----a-w- c:\windows\REGBK01.ZIP
2009-07-07 20:36 . 2009-06-27 10:47 -------- d-----w- c:\program files\DivX
2009-07-05 14:22 . 2009-06-03 16:02 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-07-01 11:27 . 2008-12-26 18:18 -------- d-----w- c:\program files\Google
2009-07-01 11:26 . 2009-06-27 10:48 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-07-01 11:19 . 2009-07-01 11:17 16866703 ----a-w- c:\windows\REGBK00.ZIP
2009-06-30 22:42 . 2009-06-08 18:57 -------- d-----w- c:\users\Lefeve Catherine\AppData\Roaming\Todae
2009-06-30 22:34 . 2009-05-12 22:10 -------- d-----w- c:\users\Lefeve Catherine\AppData\Roaming\vlc
2009-06-30 22:34 . 2009-06-27 10:53 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-30 22:34 . 2009-06-03 15:26 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-30 22:34 . 2009-06-25 16:59 -------- d-----w- c:\program files\Common Files\ArcSoft
2009-06-30 22:34 . 2009-06-23 13:45 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-06-30 22:34 . 2009-01-26 22:08 -------- d-----w- c:\program files\CCleaner
2009-06-30 22:34 . 2009-06-25 16:59 -------- d-----w- c:\program files\ArcSoft
2009-06-30 12:33 . 2009-06-30 12:33 -------- d-----w- c:\users\Lefeve Catherine\AppData\Roaming\InstallShield
2009-06-30 12:30 . 2009-06-30 12:30 -------- d-----w- c:\program files\ArcSoft(55)
2009-06-28 20:54 . 2009-06-28 20:54 -------- d-----w- c:\users\Lefeve Catherine\AppData\Roaming\Media Player Classic
2009-06-27 16:48 . 2009-06-27 11:06 -------- d-----w- c:\users\Lefeve Catherine\AppData\Roaming\DivX
2009-06-26 19:07 . 2009-06-25 17:05 -------- d-----w- c:\programdata\ArcSoft
2009-06-25 18:20 . 2009-06-25 18:15 -------- d-----w- c:\users\Lefeve Catherine\AppData\Roaming\ArcSoft
2009-06-25 14:36 . 2009-07-17 17:28 1291640 ----a-w- c:\users\Lefeve Catherine\AppData\Roaming\Mozilla\Firefox\Profiles\d66ixnv4.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
2009-06-25 14:36 . 2009-07-17 17:28 729088 ----a-w- c:\users\Lefeve Catherine\AppData\Roaming\Mozilla\Firefox\Profiles\d66ixnv4.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
2009-06-23 20:24 . 2009-06-23 20:24 45 ---h--w- c:\windows\dace4368.dat
2009-06-23 14:02 . 2009-06-23 14:02 28260 ----a-w- c:\windows\WSSPORD.DAT
2009-06-23 13:59 . 2009-06-23 13:59 6288 ----a-w- c:\windows\system32\eInstall.dat
2009-06-23 13:45 . 2009-06-23 13:45 29754 ----a-w- c:\windows\winsbak.reg
2009-06-23 13:45 . 2009-06-23 13:45 256026 ----a-w- c:\windows\winsbak2.reg
2009-06-23 13:45 . 2009-06-23 13:45 -------- d-----w- c:\programdata\OEM Links
2009-06-15 14:53 . 2009-07-15 10:53 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 14:52 . 2009-07-15 10:53 23552 ----a-w- c:\windows\system32\lpk.dll
2009-06-15 14:52 . 2009-07-15 10:53 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 14:51 . 2009-07-15 10:52 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:42 . 2009-07-15 10:53 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-06-10 18:15 . 2009-06-10 18:15 15256 ----a-w- c:\users\Lefeve Catherine\AppData\Roaming\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll
2009-06-06 03:57 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-06-06 03:49 . 2006-11-02 12:37 37665 ----a-w- c:\windows\Fonts\GlobalUserInterface.CompositeFont
2009-06-03 16:21 . 2009-02-25 01:10 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-05-29 15:30 . 2009-05-29 15:30 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-05-29 15:30 . 2009-05-29 15:30 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-05-27 13:36 . 2009-01-08 19:38 278 ----a-w- c:\users\Lefeve Catherine\AppData\Roaming\wklnhst.dat
2009-05-21 19:45 . 2009-02-27 14:40 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2009-05-21 18:49 . 2009-05-21 18:49 0 ----a-w- c:\windows\nsreg.dat
2009-05-21 09:43 . 2009-05-21 09:43 122880 ----a-w- c:\windows\system32\UAService7.exe
2009-05-20 23:34 . 2009-05-20 23:34 4096 ----a-w- c:\windows\d3dx.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 21:38 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-25 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2009-07-27 1644784]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Steam"="c:\program files\steam\steam.exe" [2009-07-19 1217784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 1443072]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-05-17 68592]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13687328]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
"eScan Install-checker"="c:\windows\system32\eInstall.exe" [2005-01-24 508928]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-04-29 188728]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-03-26 5369856]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Wireless Configuration Utility.lnk - c:\program files\TRENDnet\TEW-424UB\WlanCU.exe [2007-4-29 434176]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEf
r.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):98,a6,1b,18,5c,e6,c9,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D0C4BE1C-C5B4-4EDF-8FAE-55F438D2DD45}"= c:\program files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live
"{D90364C1-473F-4313-B223-9241901080C1}"= c:\program files\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe:Acer DV Magician
"{AA766C76-F16E-4FE2-A422-7D2BC7C139D9}"= c:\program files\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe:Acer SlideShow DVD
"{42C706D2-3910-46FE-98CE-7F03D2047D4F}"= c:\program files\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe:Acer VideoMagician
"{5649A2D4-F7CA-4F7C-97E2-374C5D2FDF1C}"= c:\program files\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe:Acer HomeMedia
"{DEDBB5C9-7C94-4700-B32A-CE4BFF5B1973}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect
"{FB16079E-B65F-45E2-8AEC-A6FAD42159A2}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:Acer HomeMedia Connect Service
"{88149B78-7766-4162-8F83-D8B6FC8BC0C6}"= c:\program files\Acer Arcade Live\Acer HomeMedia Trial Creator\Acer HomeMedia Trial Creator.exe:Acer HomeMedia Trial Creator
"{7ACC89C8-89F3-4312-9C9F-199767E21D32}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{C579C023-D32A-41D7-8B1A-6026E5BF1B7B}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{B1E1D851-ED4E-43FF-BD3F-080B20BDC023}"= c:\program files\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe:Acer DVDivine
"{140386EE-96E0-4FEF-A02F-6FAC37BDD3A7}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{EF4F573B-DB47-4635-B3BF-FEB2070B6865}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{38BFF5AF-2C45-4A78-A138-33101997BA94}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{6AEEC8E4-82E8-4C7B-A265-0761020E8073}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{DD76C2F8-89EE-4986-880C-2661D4ACB58C}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{6A18787C-34F5-43E8-BD37-A88FF14BAB64}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"TCP Query User{31C61B21-AE01-4E77-85E9-96789B8B5A4D}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{50D0F718-542A-460D-8184-1C4206EE79F3}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows
"{51BAE3D8-02DB-48AB-977D-87107DDEC428}"= UDP:c:\programdata\NexonEU\NGM\NGM.exe:Nexon Game Manager
"{FFF78D28-7B36-4908-B770-EEAF68A0A748}"= TCP:c:\programdata\NexonEU\NGM\NGM.exe:Nexon Game Manager
"{5FFD5943-2747-46A8-B556-EC457898BCE8}"= UDP:c:\users\Lefeve Catherine\AppData\Local\Temp\PurpleBean.exe:PurpleBean.exe
"{B2D256CF-569C-4406-9E62-4508F8A21F30}"= TCP:c:\users\Lefeve Catherine\AppData\Local\Temp\PurpleBean.exe:PurpleBean.exe
"{1463CA75-8796-40A6-84D8-09210B23F0C4}"= UDP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
"{9CF97287-D046-4DCE-9DDC-DE10B1766E6B}"= TCP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
"{FDC70AA3-02AB-48A1-9FEB-355F1CF0B077}"= UDP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{5B594A7E-415D-460B-AF44-ECD848BF847C}"= TCP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{3CEF4C33-C280-405D-BE24-F694C40C2BE1}"= UDP:c:\nexon\Combat Arms EU\NMService.exe:Nexon Messenger Core
"{C3444528-921E-4961-9600-E53559818200}"= TCP:c:\nexon\Combat Arms EU\NMService.exe:Nexon Messenger Core
"{4FEEED50-0F2A-4049-ADFC-B5E4A131093A}"= UDP:c:\program files\Steam\steamapps\common\men of war - demo\mow_demo.exe:Men of War - Demo
"{84025048-6366-46CC-9B11-42098B15CF62}"= TCP:c:\program files\Steam\steamapps\common\men of war - demo\mow_demo.exe:Men of War - Demo
"{7F0E62F7-A480-45E5-9990-9D858ECFA929}"= UDP:c:\program files\Steam\steamapps\common\making history the calm and the storm demo\bin\makehist.exe:Making History: The Calm and The Storm Demo
"{519B675A-3936-479B-B9D8-B5B387E9A07C}"= TCP:c:\program files\Steam\steamapps\common\making history the calm and the storm demo\bin\makehist.exe:Making History: The Calm and The Storm Demo
"{63C4BFA0-FCC2-4F20-A3E5-119C7BBBCDEA}"= UDP:c:\program files\Steam\steamapps\idrissio08\stcc demo\STCC_Demo_Steam.exe:STCC - The Game - Demo
"{E15B84F9-1FA5-49AC-991F-A202858F50C2}"= TCP:c:\program files\Steam\steamapps\idrissio08\stcc demo\STCC_Demo_Steam.exe:STCC - The Game - Demo
"{5858EE39-14B6-4DB1-98C2-99514727AB39}"= UDP:c:\program files\Steam\steamapps\idrissio08\stcc demo\Config.exe:STCC - The Game - Demo
"{E8E96C7D-52BB-47B1-95B6-E293C63C71F7}"= TCP:c:\program files\Steam\steamapps\idrissio08\stcc demo\Config.exe:STCC - The Game - Demo
"{FD0B7739-6A50-432B-B6DC-DCBE8B63E699}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{B1976682-1B7A-494E-9395-87FEDF95AD31}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{38D9B09E-DEA4-41BD-97BF-86252E9FA398}"= UDP:c:\program files\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe:Frontlines Game
"{3B2B079D-AB92-479A-9C52-DBB5638C6474}"= TCP:c:\program files\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe:Frontlines Game
"{D6CBFD44-A447-4C1A-B9AD-778CBC89475A}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{C1CF67FD-7437-4AAE-B954-4A091FBC5EE5}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{7473F943-D047-4DD5-B2B7-2D17CB7A0AE4}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{D055F971-BEED-4CA7-A628-02D596443D79}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{5201AEDA-487F-4547-A313-211B387AA20D}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{43F0EAB9-0F97-496A-8A76-928D0F1C9106}"= UDP:c:\program files\Steam\steamapps\common\light of altair demo\Altair.exe:Light of Altair Demo
"{4283A27A-53E8-4F06-A399-D51CFEA15BC5}"= TCP:c:\program files\Steam\steamapps\common\light of altair demo\Altair.exe:Light of Altair Demo
"TCP Query User{39508617-4927-4BC8-B5A2-BB569520F9F0}c:\\download\\steamapps\\idrissio08\\insurgency\\hl2.exe"= UDP:c:\download\steamapps\idrissio08\insurgency\hl2.exe:hl2
"UDP Query User{432995EB-7832-49EA-A175-C92C6A399C18}c:\\download\\steamapps\\idrissio08\\insurgency\\hl2.exe"= TCP:c:\download\steamapps\idrissio08\insurgency\hl2.exe:hl2
"TCP Query User{4A2E787F-0BCE-4D50-8EC0-E558C73948A8}c:\\download\\steamapps\\idrissio08\\zombie panic! source\\hl2.exe"= UDP:c:\download\steamapps\idrissio08\zombie panic! source\hl2.exe:hl2
"UDP Query User{D15350E8-6EB6-4CAE-8BF5-41EEDE351008}c:\\download\\steamapps\\idrissio08\\zombie panic! source\\hl2.exe"= TCP:c:\download\steamapps\idrissio08\zombie panic! source\hl2.exe:hl2
"TCP Query User{1E857CD9-7ECF-4CC1-9FA9-0613E949BD8A}c:\\download\\steamapps\\idrissio08\\condition zero\\hl.exe"= UDP:c:\download\steamapps\idrissio08\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{F8257C6D-2768-400D-8731-D07F7194782C}c:\\download\\steamapps\\idrissio08\\condition zero\\hl.exe"= TCP:c:\download\steamapps\idrissio08\condition zero\hl.exe:Half-Life Launcher
"{BBCDAEE1-7A94-43AF-965E-9903A3F1DFC9}"= UDP:c:\download\steamapps\common\america's army 3 dedicated server\Binaries\myrunserver.bat:America's Army 3 Dedicated Server
"{BD2C1225-ADD1-4701-8203-BDA00BBFCAA0}"= TCP:c:\download\steamapps\common\america's army 3 dedicated server\Binaries\myrunserver.bat:America's Army 3 Dedicated Server
"{58E0A80F-139F-4CF6-9017-0563F7143F9C}"= UDP:c:\download\steamapps\common\america's army 3\Binaries\AA3Game.exe:America's Army 3
"{DE34FC89-EF0D-48D6-AFE8-5BF10FE6DF71}"= TCP:c:\download\steamapps\common\america's army 3\Binaries\AA3Game.exe:America's Army 3
"{2833E19E-20DB-4316-8163-4DAECE30173E}"= UDP:c:\download\steamapps\common\left 4 dead\srcds.exe:Left 4 Dead Dedicated Server
"{A033B6BD-94F0-4746-B25B-29DCA1E6237F}"= TCP:c:\download\steamapps\common\left 4 dead\srcds.exe:Left 4 Dead Dedicated Server
"{F2C6D2CC-4A6A-41CE-AA4E-6F5B8793B6AF}"= UDP:c:\download\steamapps\common\left 4 dead\bin\SDKLauncher.exe:Left 4 Dead Authoring Tools
"{E641229A-CE19-4DFA-B454-7AFC081309F2}"= TCP:c:\download\steamapps\common\left 4 dead\bin\SDKLauncher.exe:Left 4 Dead Authoring Tools
"{DEB1B0E3-1374-4E2A-BDFE-90A4761D0BF6}"= UDP:c:\download\steamapps\common\left 4 dead\left4dead.exe:Left 4 Dead
"{63FBC690-6C4E-4575-B5A4-B73F1BBD7EA5}"= TCP:c:\download\steamapps\common\left 4 dead\left4dead.exe:Left 4 Dead
"TCP Query User{60D71378-9EA7-403A-9048-198D2E25E8FF}c:\\program files\\steam\\steamapps\\idrissio08\\day of defeat source\\hl2.exe"= UDP:c:\program files\steam\steamapps\idrissio08\day of defeat source\hl2.exe:hl2
"UDP Query User{B3DA1894-B496-4BD9-BC34-F94B7A8D358A}c:\\program files\\steam\\steamapps\\idrissio08\\day of defeat source\\hl2.exe"= TCP:c:\program files\steam\steamapps\idrissio08\day of defeat source\hl2.exe:hl2
"{8C7693E5-AFA0-4BF6-B6F9-98F205C31DB5}"= UDP:c:\program files\Steam\steamapps\common\left 4 dead\srcds.exe:Left 4 Dead Dedicated Server
"{72F0322A-694A-4C81-A6D3-2BEEF1B39B86}"= TCP:c:\program files\Steam\steamapps\common\left 4 dead\srcds.exe:Left 4 Dead Dedicated Server
"{8B3BC2CE-FCBC-4334-9EDF-6292AC3905A3}"= UDP:c:\program files\Steam\steamapps\common\arma 2 demo\ArmA2Demo.exe:ARMA 2 Demo
"{C755C92C-32F2-468A-B5DC-D69381F12E7E}"= TCP:c:\program files\Steam\steamapps\common\arma 2 demo\ArmA2Demo.exe:ARMA 2 Demo
"{8D62F9CA-9F41-4C40-9EA6-51B576EA9803}"= UDP:c:\program files\Steam\steamapps\common\america's army 3\Binaries\AA3Game.exe:America's Army 3
"{EBA13C83-4A23-4951-A88C-13D3B4715D31}"= TCP:c:\program files\Steam\steamapps\common\america's army 3\Binaries\AA3Game.exe:America's Army 3
"{4AEB00BA-05C3-4C26-A057-09A829307F2A}"= UDP:c:\program files\Steam\steamapps\common\killingfloor\System\KillingFloor.exe:Killing Floor
"{00AB42F2-D6C3-41F3-AFF9-E71B430AB426}"= TCP:c:\program files\Steam\steamapps\common\killingfloor\System\KillingFloor.exe:Killing Floor
"{EAF07CD0-48DD-49D2-896E-EBD521B43A2A}"= UDP:c:\program files\Steam\steamapps\common\killingfloor\System\KFEd.exe:Killing Floor SDK
"{0FC12A9F-12D8-46B6-BDA7-B7B819D81D23}"= TCP:c:\program files\Steam\steamapps\common\killingfloor\System\KFEd.exe:Killing Floor SDK
"{D3ACBCB1-D964-473C-A597-049288A5B217}"= UDP:c:\program files\Steam\steamapps\common\america's army 3 dedicated server\Binaries\myrunserver.bat:America's Army 3 Dedicated Server
"{C8FE5422-ABF0-421B-8B11-87C00E5D6E31}"= TCP:c:\program files\Steam\steamapps\common\america's army 3 dedicated server\Binaries\myrunserver.bat:America's Army 3 Dedicated Server
"{E716F320-BE28-40B7-9B60-DB2B22BC7AC0}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{CD53C1BC-AED9-4196-83F0-C93E89F7C4F3}"= UDP:c:\program files\Steam\steamapps\common\left 4 dead\left4dead.exe:Left 4 Dead
"{7EE76A9B-01EB-47EE-B879-4A3322BA393D}"= TCP:c:\program files\Steam\steamapps\common\left 4 dead\left4dead.exe:Left 4 Dead

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Nexon\\Combat Arms EU\\CombatArms.exe"= c:\nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"c:\\Nexon\\Combat Arms EU\\Engine.exe"= c:\nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"c:\\Nexon\\Combat Arms\\CombatArms.exe"= c:\nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"c:\\Nexon\\Combat Arms\\Engine.exe"= c:\nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
"c:\\PROGRA~1\\COMMON~1\\MICROW~1\\Agent\\MWAGENT.EXE"= c:\progra~1\COMMON~1\MICROW~1\Agent\MWAGENT.EXE:*:Enabled:MicroWorld Management Agent
"c:\\PROGRA~1\\eScan\\DOWNLOAD.EXE"= c:\progra~1\eScan\DOWNLOAD.EXE:*:Enabled:eScan Update Downloader
"c:\\PROGRA~1\\COMMON~1\\MICROW~1\\eScanRAD\\ESCANRAD.EXE"= c:\progra~1\COMMON~1\MICROW~1\eScanRAD\ESCANRAD.EXE:*:Enabled:eScan Remote Administration Tool
"c:\\PROGRA~1\\eScan\\TRAYICOS.EXE"= c:\progra~1\eScan\TRAYICOS.EXE:*:Enabled:eScan Server Updater
"c:\\PROGRA~1\\eScan\\ESERV.EXE"= c:\progra~1\eScan\ESERV.EXE:*:Enabled:eScan Management Console

R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [16/05/2009 18:05 28544]
R0 ssfs0bbc;ssfs0bbc;c:\windows\System32\drivers\ssfs0bbc.sys [09/08/2008 15:42 29808]
R1 epfwtdir;epfwtdir;c:\windows\System32\drivers\epfwtdir.sys [20/02/2008 12:11 33800]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [09/05/2008 04:03 269448]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [03/03/2008 13:11 16384]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [20/02/2008 12:08 472320]
R2 eScan-eServ;eScan Management-Console;c:\progra~1\eScan\TRAYESER.EXE [23/06/2009 15:45 49664]
R2 eScan-trayicos;eScan Server-Updater;c:\progra~1\eScan\TRAYSSER.EXE [23/06/2009 15:45 50688]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [09/05/2008 03:53 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [25/04/2008 21:36 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [25/04/2008 21:36 131072]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [08/05/2008 21:18 43552]
R3 RTL8187B;TRENDnet TEW-424UB 54M USB Dongle;c:\windows\System32\drivers\RTL8187B.sys [19/07/2007 01:40 281088]
S2 gupdate1c9a0149615d04d;Service Google Update (gupdate1c9a0149615d04d);c:\program files\Google\Update\GoogleUpdate.exe [08/03/2009 19:37 133104]
S3 athrusb6;Atheros Wireless LAN USB device driver 6 Series;c:\windows\System32\drivers\athru6.sys [06/06/2009 18:21 871936]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\System32\drivers\libusb0.sys [19/07/2009 16:39 33792]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [26/12/2008 20:52 28224]
S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\System32\drivers\LV532AV.SYS [31/01/2005 11:13 163328]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-06-23 c:\windows\Tasks\eScan Update-Server.job
- c:\progra~1\eScan\ESERV.EXE [2009-06-23 08:38]

2009-06-23 c:\windows\Tasks\eScan Updater.job
- c:\progra~1\eScan\TRAYICOS.EXE [2009-06-23 14:27]

2009-08-16 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-25 23:58]

2009-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-08 17:37]

2009-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-08 17:37]

2009-06-23 c:\windows\Tasks\MailScan Dispatcher.job
- c:\progra~1\eScan\launch.exe [2009-06-23 14:02]
.
.
------- Supplementary Scan -------
.
mSearch bar = hxxp://www.google.com/ie
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: %SystemRoot%\system32\mwtsp.dll
LSP: %SYSTEMROOT%\system32\nvLsp.dll
FF - ProfilePath - c:\users\Lefeve Catherine\AppData\Roaming\Mozilla\Firefox\Profiles\d66ixnv4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/webhp?hl=fr
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIAWB1&q=
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Lefeve Catherine\AppData\Roaming\Mozilla\Firefox\Profiles\d66ixnv4.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-17 00:49
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"

[HKEY_USERS\S-1-5-21-361662847-2979653976-3885516880-1000\Software\SecuRom\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"????????????????????????"=hex:25,3e,da,3e,9b,55,63,79,aa,2c,11,16,1e,2e,33,76,
25,ab,d8,25,24,30,06,06,70,f0,60,e9,24,25,70,70,00,00,00,00,00,00,00,00,00,\

[HKEY_USERS\S-1-5-21-361662847-2979653976-3885516880-1000\Software\SecuRom\License information*]
"datasecu"=hex:3a,63,f1,ef,ae,5e,e7,62,bc,07,22,cb,2e,ce,3a,01,9e,59,58,30,0a,
b5,51,04,fa,4e,94,c0,8d,f9,2f,e3,0d,d5,da,d0,9f,f4,a4,f7,ad,93,22,aa,8b,cb,\
"rkeysecu"=hex:c6,71,1f,76,fb,c4,8f,28,23,cd,2c,6b,4f,ae,9e,17

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-08-16 0:54
ComboFix-quarantined-files.txt 2009-08-16 22:54

Pre-Run: 50 749 046 784 bytes free
Post-Run: 50 637 582 336 bytes free

374 --- E O F --- 2009-08-15 19:20

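The report above lists the machine's autostart points (Run keys), its boot-time BootExecute value and its firewall exceptions, which is where a helper reading such a log looks first. As an added example, not part of ComboFix, HijackThis or of anyone's post in this thread, the Python script below parses those three sections in the exact line formats ComboFix prints and flags two things: binaries that live in user-writable directories, and a BootExecute value that lists the same program more than once. The sample log embedded in it is constructed from lines of the report; the list of "user-writable" directory markers and the statement that a stock Windows BootExecute holds only `autocheck autochk *` are the author's assumptions, and any hit is a lead to verify (hash, signature, vendor), not a verdict.

```python
"""Triage of a ComboFix 'Reg Loading Points' report.

Added example for this thread; not part of ComboFix or the poster's report.
It parses the line formats shown in the report and flags
  * autostart or firewall-allowed binaries in user-writable directories, and
  * a BootExecute value repeating one program instead of the single
    'autocheck autochk *' entry a stock Windows install carries (assumption).
"""
import re
from collections import Counter

# Constructed sample in ComboFix's own line formats; the entries copy the
# shapes (and the Temp\PurpleBean.exe rule) seen in the report above.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 1443072]
"eScan Install-checker"="c:\windows\system32\eInstall.exe" [2005-01-24 508928]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-03-26 5369856]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0SsiEfr.exe\0SsiEfr.exe\0SsiEfr.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{5FFD5943-2747-46A8-B556-EC457898BCE8}"= UDP:c:\users\Lefeve Catherine\AppData\Local\Temp\PurpleBean.exe:PurpleBean.exe
"{7F0E62F7-A480-45E5-9990-9D858ECFA929}"= UDP:c:\program files\Steam\steamapps\common\making history the calm and the storm demo\bin\makehist.exe:Making History: The Calm and The Storm Demo

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\PROGRA~1\\eScan\\DOWNLOAD.EXE"= c:\progra~1\eScan\DOWNLOAD.EXE:*:Enabled:eScan Update Downloader
"""

SECTION_RE = re.compile(r"^\[(.+)\]$")
# Run keys: "name"="value" [date size]; the value may be a bare file name
# that ComboFix resolves after ' - ' (see the RtHDVCpl line above).
RUN_RE = re.compile(r'^"[^"]+"="([^"]+)"(?:\s*-\s*([A-Za-z]:\\[^\[]+?))?\s*(?:\[|$)')
# Firewall rules: "{guid}"= UDP:c:\path\prog.exe:Description, or
# "name"= c:\path\prog.exe:*:Enabled:Name. A Windows path has no ':' after
# the drive letter, so the path ends at the next ':' even when the
# description itself contains one ("Making History: ...").
FW_RE = re.compile(r'^"[^"]*"=\s*(?:(?:TCP|UDP):)?([A-Za-z]:\\[^:]*)')
BOOTEXEC_RE = re.compile(r"^BootExecute\s+REG_MULTI_SZ\s+(.*)$")
# Assumed markers, lower-case and with both backslashes so that
# '\download.exe' does not match '\downloads\'.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\downloads\\", "\\desktop\\")


def extract_binaries(text):
    """Return (section, path) pairs for every program referenced in the
    Run-key and firewall-policy sections of the report text."""
    found, header = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            header = m.group(1)
            continue
        key = header.lower()
        if key.endswith("\\run"):
            m = RUN_RE.match(line)
            if m:
                found.append(("Run", (m.group(2) or m.group(1)).strip()))
        elif "firewallpolicy" in key:
            m = FW_RE.match(line)
            if m:
                found.append((header.rsplit("\\", 1)[-1], m.group(1).strip()))
    return found


def boot_execute_counts(text):
    """Count the programs in BootExecute as ComboFix prints the REG_MULTI_SZ
    (entries joined by a literal backslash-zero)."""
    for raw in text.splitlines():
        m = BOOTEXEC_RE.match(raw.strip())
        if m:
            return Counter(e for e in m.group(1).split(r"\0") if e)
    return Counter()


def suspicious_location(path):
    """True when the path sits in a directory an unprivileged user can write to."""
    lowered = path.lower()
    return any(marker in lowered for marker in USER_WRITABLE)


def triage(text):
    """Summarise a report: binaries parsed, those in user-writable
    directories, and BootExecute programs listed more than once."""
    binaries = extract_binaries(text)
    counts = boot_execute_counts(text)
    return {
        "binaries": len(binaries),
        "user_writable": [(s, p) for s, p in binaries if suspicious_location(p)],
        "boot_execute_repeats": {prog: n for prog, n in counts.items() if n > 1},
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print(f"{report['binaries']} autostart/firewall binaries parsed")
    for section, path in report["user_writable"]:
        print(f"  CHECK [{section}] {path}")
    for prog, n in report["boot_execute_repeats"].items():
        print(f"  CHECK BootExecute lists {prog!r} {n} times")
```

To run it on a real report, read a saved ComboFix.txt into a string and pass it to `triage()`; on the constructed sample it reports six binaries, one of them in `AppData\Local\Temp`, and `SsiEfr.exe` listed three times in BootExecute.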

15

eZula, on 17 Aug 2009 at 11:55:55

Right-click the C:\qoobox folder and zip it, then send it here: genproc.n.j@gmail.com please.
If that worked, rerun ComboFix and post its new report.


16

idriss, on 17 Aug 2009 at 15:59:33

Sorry, but since I'm not very good with computers, could you give more detail please, because I'm lost here. Thanks.


17

eZula, on 17 Aug 2009 at 16:45:30

Download 7-Zip here http://downloads.sourceforge.net/sevenzip/7z465.exe and install it.
Then go to My Computer > C:\ and right-click the Qoobox folder > 7-Zip > Add to Qoobox.zip.
Once you have the archive, send it to the e-mail address given.

I can't explain it any better than that.


18

idriss, on 17 Aug 2009 at 16:55:22

When I do Add to Qoobox.zip it says "can not open file".


19

eZula, on 17 Aug 2009 at 17:00:45

Try "Compress and email" in the right-click menu.
