Malveillant ou trojan ou virus ou la totale.. [Résolu/Fermé]

Signaler
Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
-
sKe69
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
-
Bonjour,

Je viens chercher de l'aide vers vous par rapport à un probleme de logiciel malvaillant intempestif que je n'arrive pas à supprimer.
Il me bloque l'acces a mes lecteurs et me fait ramer le PC...
Je cris à l'aide car j'ai vraiment besoin de mon pc pour bosser...

Merci...

41 réponses

Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
445
Salut,

arrètes ton scan avec avast , ce dernier ne pourra rien faire de toute façon ^^
... Ton prb se ne serait pas plutôt trojan.VBS ou du genre ...



fais ceci pour commencer :


1- Télécharges et installes le logiciel HijackThis :

ici ftp://ftp.commentcamarche.com/download/HJTInstall.exe
ou ici http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
ou ici http://www.clubic.com/lancer-le-telechargement-51452-0-hijackthis.html

-->Cliques sur le setup pour lancer l'installe : laisses toi guider et ne modifies pas les paramètres d'installation .
A la fin de l'installe , le prg ce lance automatiquement : fermes le en cliquant sur la croix rouge .
Au final, tu dois avoir un raccourci sur ton bureau et aussi un cheminement comme :
"C:\ program files\Trend Micro\HijackThis\HijackThis.exe " .

( ne lance pas ce prg pour l'instant et fais la suite ... )



2- Télécharges Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

-> http://images.malwareremoval.com/random/RSIT.exe

! Déconnecte toi et fermes toutes tes applications en cours !

Double-clique sur " RSIT.exe " pour le lancer .

-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

* Devant l'option "List files/folders created ..." , tu choisis : 2 months

* cliques ensuite sur " Continue " pour lancer l'analyse ...


-> laisses faire le scan et ne touche pas au PC ...


Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

Postes le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

Note : il se peut que le rapport " log.txt " soit trop long pour le forum ...
Dans ce cas , postes le en 2 fois ... merci ...

( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
2
Merci

Quelques mots de remerciements seront grandement appréciés. Ajouter un commentaire

CCM 62527 internautes nous ont dit merci ce mois-ci

Messages postés
24
Date d'inscription
dimanche 26 octobre 2008
Statut
Membre
Dernière intervention
30 octobre 2008

mais normalement c'est lui qui doit te les suprimer
Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
7
Je suis en train d'en refaire un là...
Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
7
Oui mais ca à planté avant et j'arrive tjr pas à acceder à mes lecteurs...D'habitude ca marche apres le passage de l'anti virus mais la ca veut pas!!!
Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
7
Logfile of random's system information tool 1.04 (written by random/random)
Run by Alexandre at 2008-10-27 10:37:36
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 169 GB (55%) free of 305 GB
Total RAM: 3071 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:37:36, on 27/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
C:\Program Files\Vtune\TBPanel.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Alexandre\Local Settings\Temporary Internet Files\Content.IE5\70XKB12A\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\Alexandre.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Config\csrss.exe
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"
O4 - HKLM\..\Run: [Gainward] C:\Program Files\Vtune\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: bw+0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: ArchVision Content Manager Service - Unknown owner - C:\Program Files\ArchVision\ArchVision Content Manager\rpcACMapp.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe
Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
7
suite

======Scheduled tasks folder======

C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{3E8FF9ED-09F6-45EA-ADAD-CAE31AD04203}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-10-24 2436160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-10-24 2436160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-04-17 16143872]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"JMB36X Configure"=C:\WINDOWS\system32\JMRaidTool.exe [2006-06-29 352256]
"Ai Quicker Help"=C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe [2006-07-19 3167744]
"Gainward"=C:\Program Files\Vtune\TBPanel.exe [2006-08-25 2154496]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-08-11 7630848]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-08-11 86016]
"MMTray"=C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe [2005-05-03 135168]
"mmtask"=C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe [2005-05-03 53248]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"BigDog303"=C:\WINDOWS\VM303_STI.EXE [2005-06-23 61440]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-07-12 32768]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-10-17 289088]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [2008-10-24 171448]
"eMuleAutoStart"=C:\Program Files\eMule\emule.exe [2008-08-02 5484544]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2008-09-29 1279216]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
ASUS WiFi-AP Solo.lnk - C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
TabUserW.exe.lnk - C:\WINDOWS\system32\WTablet\TabUserW.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\DIGIEYE\avi\avi.exe"="C:\DIGIEYE\avi\avi.exe:*:Enabled:avi"
"C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe"="C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe:*:Enabled:Autodesk 3ds Max 9 32-bit"
"C:\Program Files\Autodesk\Backburner\monitor.exe"="C:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor"
"C:\Program Files\Autodesk\Backburner\manager.exe"="C:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager"
"C:\Program Files\Autodesk\Backburner\server.exe"="C:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server"
"C:\Program Files\HomePlayer\HomePlayer.exe"="C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
shell\AutoRun\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5bbe949a-5020-11dd-8d27-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com c:
shell\Open\command - resycled\boot.com c:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5bbe949b-5020-11dd-8d27-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com d:
shell\Open\command - D:\resycled\boot.com d:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4598472-50bd-11dd-bd3c-0015af09c4f2}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com f:
shell\Open\command - F:\resycled\boot.com f:


======List of files/folders created in the last 2 months======

2008-10-27 10:36:50 ----D---- C:\rsit
2008-10-27 10:35:17 ----D---- C:\Program Files\Trend Micro
2008-10-27 00:06:41 ----D---- C:\Program Files\CCleaner
2008-10-26 23:32:34 ----D---- C:\Program Files\eToro
2008-10-26 23:28:53 ----D---- C:\Documents and Settings\Alexandre\Application Data\Malwarebytes
2008-10-26 23:28:47 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-26 23:28:47 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-26 23:09:08 ----A---- C:\WINDOWS\system32\sapphire_ae.dll
2008-10-26 23:09:08 ----A---- C:\WINDOWS\system32\mkl_genarts.dll
2008-10-26 23:09:08 ----A---- C:\WINDOWS\system32\libguide40.dll
2008-10-26 23:09:05 ----D---- C:\Program Files\GenArts
2008-10-26 23:09:05 ----A---- C:\WINDOWS\MSUTIL.INI
2008-10-26 23:07:12 ----A---- C:\WINDOWS\unvise32.exe
2008-10-26 17:31:33 ----D---- C:\Program Files\Pixologic
2008-10-26 17:31:12 ----D---- C:\WINDOWS\Downloaded Installations
2008-10-25 02:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-24 10:17:37 ----D---- C:\Documents and Settings\Alexandre\Application Data\Google
2008-10-24 10:11:37 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-10-24 10:11:32 ----D---- C:\Program Files\Google
2008-10-24 10:11:03 ----D---- C:\Program Files\NOS
2008-10-24 10:11:03 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-10-20 07:18:43 ----D---- C:\Documents and Settings\Alexandre\Application Data\Corel
2008-10-20 07:16:00 ----D---- C:\Program Files\Corel
2008-10-20 07:16:00 ----D---- C:\Documents and Settings\All Users\Application Data\Corel
2008-10-17 11:12:48 ----D---- C:\Program Files\DNA
2008-10-17 11:12:48 ----D---- C:\Documents and Settings\Alexandre\Application Data\DNA
2008-10-15 21:58:31 ----A---- C:\WINDOWS\system32\javaws.exe
2008-10-15 21:58:31 ----A---- C:\WINDOWS\system32\javaw.exe
2008-10-15 21:58:31 ----A---- C:\WINDOWS\system32\java.exe
2008-10-15 21:44:10 ----A---- C:\WINDOWS\ui_bitmapviewer.ini
2008-10-15 21:36:47 ----A---- C:\WINDOWS\NUGRAF.INI
2008-10-15 21:36:02 ----D---- C:\Program Files\NuGraf
2008-10-15 21:33:55 ----D---- C:\plugins
2008-10-15 21:33:54 ----D---- C:\Program Files\Bionatics
2008-10-15 21:33:54 ----D---- C:\Documents and Settings\All Users\Application Data\Bionatics
2008-10-15 21:26:39 ----D---- C:\Program Files\ArchVision
2008-10-15 21:23:41 ----D---- C:\Program Files\Macrovision
2008-10-15 21:22:23 ----D---- C:\Documents and Settings\Alexandre\Application Data\Sun
2008-10-15 21:22:14 ----D---- C:\Program Files\Java
2008-10-15 21:22:14 ----D---- C:\Program Files\Fichiers communs\Java
2008-10-15 21:21:23 ----D---- C:\Documents and Settings\Alexandre\Application Data\Autodesk
2008-10-15 21:14:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-15 21:14:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-15 21:14:30 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-15 21:14:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-15 21:13:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-13 23:26:18 ----A---- C:\WINDOWS\CD_Start.INI
2008-10-12 16:47:10 ----A---- C:\WINDOWS\ODBC.INI
2008-10-12 16:46:21 ----D---- C:\Program Files\Fichiers communs\Designer
2008-10-12 16:45:42 ----D---- C:\WINDOWS\ShellNew
2008-10-12 16:45:28 ----D---- C:\Program Files\Microsoft Office
2008-10-11 19:30:20 ----D---- C:\Program Files\Yahoo!
2008-10-11 19:29:33 ----D---- C:\Program Files\RM-X® Video Converter 2
2008-10-11 16:51:18 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2008-10-11 16:51:18 ----A---- C:\WINDOWS\system32\i420vfw.dll
2008-10-11 16:51:18 ----A---- C:\WINDOWS\system32\devil.dll
2008-10-11 16:51:18 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2008-10-11 16:51:18 ----A---- C:\WINDOWS\system32\avisynth.dll
2008-10-11 16:51:18 ----A---- C:\WINDOWS\MOTA113.exe
2008-10-11 16:51:17 ----D---- C:\Program Files\AviSynth 2.5
2008-10-11 16:51:17 ----A---- C:\WINDOWS\x2.64.exe
2008-10-11 16:51:17 ----A---- C:\WINDOWS\system32\x.264.exe
2008-10-11 16:51:17 ----A---- C:\WINDOWS\meta4.exe
2008-10-11 16:29:33 ----D---- C:\Program Files\MediaCoder
2008-10-11 09:15:10 ----D---- C:\WINDOWS\Minidump
2008-10-11 09:01:45 ----D---- C:\Documents and Settings\Alexandre\Application Data\Media Player Classic
2008-10-11 09:01:02 ----D---- C:\Program Files\Combined Community Codec Pack
2008-10-10 21:08:22 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-10-10 19:44:23 ----A---- C:\vraylog.txt
2008-10-10 19:18:08 ----D---- C:\Program Files\Fichiers communs\ChaosGroup
2008-10-10 19:18:08 ----A---- C:\VRLServer.txt
2008-10-10 19:18:02 ----D---- C:\Program Files\Chaos Group
2008-10-10 11:55:27 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2008-10-10 02:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2008-10-10 02:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2008-10-10 02:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-10-09 20:42:57 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-10-09 20:42:56 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2008-10-09 20:42:45 ----D---- C:\Program Files\Windows Media Connect 2
2008-10-09 20:42:38 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2008-10-09 20:42:08 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-10-09 20:41:51 ----D---- C:\WINDOWS\system32\LogFiles
2008-10-09 20:41:48 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-10-05 12:56:48 ----D---- C:\Program Files\HomePlayer
2008-10-04 14:30:50 ----D---- C:\Program Files\Fichiers communs\Autodesk Shared
2008-10-04 11:52:35 ----D---- C:\Documents and Settings\All Users\Application Data\Autodesk
2008-10-04 11:51:05 ----D---- C:\Program Files\Autodesk
2008-10-04 11:49:42 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-09-30 18:22:14 ----A---- C:\WINDOWS\VMZoom.exe
2008-09-30 18:22:14 ----A---- C:\WINDOWS\VMPipe.dll
2008-09-30 18:22:14 ----A---- C:\WINDOWS\vidcap32.Exe
2008-09-30 18:22:13 ----D---- C:\WINDOWS\EffectResources
2008-09-30 18:22:13 ----D---- C:\WINDOWS\CatRoot
2008-09-30 18:22:13 ----D---- C:\Program Files\Vimicro
2008-09-30 18:22:13 ----A---- C:\WINDOWS\VM303Cap.exe
2008-09-30 18:22:13 ----A---- C:\WINDOWS\VM303_STI.exe
2008-09-30 18:22:13 ----A---- C:\WINDOWS\system32\VM303STI.dll
2008-09-30 18:22:13 ----A---- C:\WINDOWS\Sti303.exe
2008-09-30 18:22:13 ----A---- C:\WINDOWS\RunSetup.dll
2008-09-30 18:22:13 ----A---- C:\WINDOWS\amcap.exe
2008-09-30 18:01:59 ----D---- C:\Documents and Settings\Alexandre\Application Data\Help
2008-09-30 17:47:39 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2008-09-30 17:33:53 ----A---- C:\WINDOWS\unvpeye.ini
2008-09-12 02:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
7
suite 2

======List of files/folders modified in the last 2 months======

2008-10-27 10:36:56 ----A---- C:\WINDOWS\DFC.INI
2008-10-27 10:36:54 ----D---- C:\WINDOWS\Prefetch
2008-10-27 10:35:17 ----D---- C:\Program Files
2008-10-27 09:53:51 ----D---- C:\Documents and Settings\Alexandre\Application Data\Vso
2008-10-27 09:10:51 ----D---- C:\Program Files\eMule
2008-10-27 07:46:02 ----D---- C:\WINDOWS\Temp
2008-10-27 03:43:19 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-27 03:00:59 ----SHD---- C:\WINDOWS\Installer
2008-10-27 03:00:36 ----D---- C:\Config.Msi
2008-10-27 03:00:33 ----D---- C:\WINDOWS
2008-10-27 00:28:36 ----A---- C:\WINDOWS\RTacDbg.txt
2008-10-27 00:25:03 ----D---- C:\WINDOWS\Debug
2008-10-27 00:18:01 ----D---- C:\WINDOWS\system32
2008-10-26 23:42:17 ----D---- C:\Documents and Settings\Alexandre\Application Data\WTablet
2008-10-26 23:41:33 ----D---- C:\WINDOWS\system32\drivers
2008-10-26 23:40:50 ----N---- C:\WINDOWS\SchedLgU.Txt
2008-10-26 23:18:44 ----HD---- C:\WINDOWS\inf
2008-10-26 17:31:48 ----SD---- C:\Documents and Settings\Alexandre\Application Data\Microsoft
2008-10-26 09:22:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-25 02:01:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-25 02:00:44 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-24 10:35:35 ----D---- C:\Documents and Settings\Alexandre\Application Data\Adobe
2008-10-24 10:35:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-10-24 10:34:21 ----D---- C:\Program Files\Fichiers communs\Adobe
2008-10-24 10:33:57 ----D---- C:\Program Files\Adobe
2008-10-24 10:11:06 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-10-22 15:21:54 ----D---- C:\Documents and Settings\Alexandre\Application Data\BitTorrent
2008-10-22 14:57:35 ----D---- C:\Documents and Settings\Alexandre\Application Data\ZoomBrowser EX
2008-10-17 11:12:51 ----D---- C:\Program Files\BitTorrent
2008-10-15 22:28:59 ----D---- C:\WINDOWS\Microsoft.NET
2008-10-15 22:28:58 ----RSD---- C:\WINDOWS\assembly
2008-10-15 21:47:30 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-15 21:36:22 ----D---- C:\WINDOWS\WinSxS
2008-10-15 21:22:14 ----D---- C:\Program Files\Fichiers communs
2008-10-15 21:14:19 ----D---- C:\Program Files\Internet Explorer
2008-10-15 21:14:11 ----D---- C:\WINDOWS\ie7updates
2008-10-15 21:08:37 ----D---- C:\WINDOWS\system32\mui
2008-10-15 21:07:23 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-10-15 17:35:43 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-12 17:19:38 ----A---- C:\WINDOWS\win.ini
2008-10-12 16:45:49 ----D---- C:\Program Files\Fichiers communs\System
2008-10-12 16:45:46 ----RSD---- C:\WINDOWS\Fonts
2008-10-12 16:45:28 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-10-12 16:43:37 ----D---- C:\WINDOWS\system
2008-10-10 11:57:08 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-10 02:07:00 ----D---- C:\Program Files\Windows Media Player
2008-10-09 20:42:43 ----D---- C:\WINDOWS\Help
2008-10-07 20:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-04 14:29:38 ----D---- C:\WINDOWS\system32\DirectX
2008-10-03 18:12:27 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-09-30 18:22:13 ----D---- C:\WINDOWS\twain_32
2008-09-30 17:32:14 ----D---- C:\Program Files\Fichiers communs\InstallShield
2008-09-13 16:44:34 ----D---- C:\Documents and Settings\All Users\Application Data\ZoomBrowser

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2005-12-22 5685]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-07-12 21035]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2002-07-27 5306]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-17 4262912]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2005-05-20 13056]
R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2005-05-20 54528]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2005-05-20 68352]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-08-11 3958496]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-06-16 176128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2007-02-16 12848]
R3 WacomVKHid;Virtual Keyboard Driver; C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-15 11440]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-03-30 230400]
R3 ZSMC303;VIMICRO USB PC Camera (ZC0301PLH); C:\WINDOWS\System32\Drivers\usbVM303.sys [2005-06-22 389756]
S3 Asushwio;Asushwio; \??\C:\WINDOWS\system32\drivers\Asushwio.sys []
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 Ndisprot;ArcNet NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\Ndisprot.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2008-10-05 72704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-08-11 155715]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
S2 ArchVision Content Manager Service;ArchVision Content Manager Service; C:\Program Files\ArchVision\ArchVision Content Manager\rpcACMapp.exe --service --path C:\Program Files\ArchVision\ArchVision Content Manager []
S2 mi-raysat_3dsmax9_32;mental ray 3.5 Satellite (32-bit); C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe [2006-09-29 65536]
S2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
S2 TabletServiceWacom;TabletServiceWacom; C:\WINDOWS\system32\Wacom_Tablet.exe [2007-09-07 1373480]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-13 654848]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-24 138168]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------
Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
7
et j'ai pas le:

"ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ... "

Voila..
Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
7
Si g trouvé


info.txt:


info.txt logfile of random's system information tool 1.04 2008-10-27 10:36:54

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3dsmax ancillary install-->MsiExec.exe /I{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}
Adobe After Effects CS3 Presets-->MsiExec.exe /I{4B215C29-1A3E-4736-92AA-10C83FA56EB9}
Adobe After Effects CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\b7dd24a87e82dcf8af8876fd727b7cf\Setup.exe
Adobe After Effects CS3-->MsiExec.exe /I{8AF3FB06-BDA3-42A3-995C-308812D2F094}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->C:\Program Files\Fichiers communs\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Fichiers communs\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Setup-->MsiExec.exe /I{2C294A0B-DF22-4023-B168-8C7645B10019}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASUS DH Remote-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34A0AF85-C323-4867-8AA3-00A3E5A7A12B}\Setup.exe" -l0x40c
ASUS WiFi-AP Solo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B3F4499-32E6-470D-8586-E6C03420F889}\Setup.exe" -l0x9 REMOVE
Autodesk 3ds Max 9 32-bit-->MsiExec.exe /I{E96D4088-AAC5-437F-9E39-EC0E387897B4}
Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Backburner-->MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379}
Canon Camera Access Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon Camera Window DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Camera Window DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Camera Window MC 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
Canon Internet Library for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"
Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities Digital Photo Professional 2.2-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\Digital Photo Professional\Uninst.ini"
Canon Utilities EOS Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities PhotoStitch-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
Corel Painter X-->C:\Program Files\Corel\Corel Painter X\MSILauncher {05D60953-9012-44DF-A1A6-9DD97AD6580A} C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\PainterX.log
Corel Painter X-->MsiExec.exe /I{05D60953-9012-44DF-A1A6-9DD97AD6580A}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
CycoreFX HD 1.6 for After Effects-->C:\WINDOWS\unvise32.exe C:\WINDOWS\CycoreFX HD-1.6-for-After Effects-Uninstall.log
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EASYnatMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22AFFED5-F914-41E1-842C-6B51EFEEB66F}\Setup.exe" -l0x9
eMule-->"C:\Program Files\eMule\Uninstall.exe"
ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}
ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC-->MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
FBX Plugin 2006.08 for Max 9.0-->C:\Program Files\Autodesk\FBX\FbxPlugins\2006.08\Max90\Uninstall.exe
fflink-->MsiExec.exe /I{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}
GenArts Sapphire Plug-ins 2.041 for After Effects and Compatibl-->"C:\Program Files\GenArts\SapphireAE\unins000.exe"
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HomePlayer 1.5.6b-->C:\Program Files\HomePlayer\uninst.exe
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Java 2 Runtime Environment, SE v1.4.2_04-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142040}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
JRAID-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x40c -removeonly
kgcbaby-->MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase-->MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday-->MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn-->MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt-->MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids-->MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove-->MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday-->MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Logiciel Kodak EasyShare-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140002_759050\Setup.exe /APR-REMOVE
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x40c UNINSTALL -removeonly
Logitech SetPoint-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x40c -removeonly
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Media Content-->MsiExec.exe /I{9030040C-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Small Business-->MsiExec.exe /I{9113040C-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x40c -uninst
netbrdg-->MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
QuickTime-->MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
skin0001-->MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}
SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
Tablette Wacom-->C:\Program Files\Tablet\Wacom\Remove.exe /u
tooltips-->MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}
Vimicro USB PC Camera (ZC0301PLH)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE3B8E96-B0AF-4871-9178-1519B58E3A93}\Setup.exe" -l0x9
VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
V-Ray for 3dsmax R9 for x86-->"C:\Program Files\Chaos Group\V-Ray\3dsmax R9 for x86\uninstall\wininstaller.exe"-uninstall="C:\Program Files\Chaos Group\V-Ray\3dsmax R9 for x86\uninstall\install.log" -uninstallApp="V-Ray for 3dsmax R9 for x86"
VSO Image Resizer 2.0.1.9-->"C:\Program Files\VSO\Image Resizer\unins000.exe"
Vtune 4.6-->"C:\Program Files\Vtune\unins000.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
ZBrush3-->MsiExec.exe /I{6084D038-3401-4C9D-A216-86E6EEA25AFB}

======Security center information======

AV: avast! antivirus 4.8.1229 [VPS 081026-0]

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Autodesk\Backburner\;C:\Program Files\Fichiers communs\Autodesk Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
7
"Ton prb se ne serait pas plutôt trojan.VBS ou du genre ..."

Si c un truc comme ça....^^

Merci en tout cas
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
445
Très bien ... plusieurs infections !



commences par ceci :


1- Télécharges UsbFix ( de Chiquitine29 et Chimay8 ) sur ton bureau :

http://sd-1.archive-host.com/membres/up/116615172019703188/UsbFix.exe

! Déconnectes toi d'internet et fermes toutes applications en cours !

--> Double-cliques sur l' .exe pour lancer l'installation de l'outil ( ne touche pas aux paramètres d'installe ) .


Branches toutes tes unités externes à ton PC (clé USB, DD externe, flash disk, lecteur MP3, etc...) succeptibles d'avoir été infectés ( mais sans les ouvrir ! ) .

--> Double-cliques sur le raccourci "UsbFix" qui est sur ton bureau pour lancer l'outil et laisses le travailler .

--> Le pc va redémarrer .

--> Une fois de retour à ton bureau , le rapport "UsbFix.txt" s'affiche .
Fais un copier/coller de son contenu dans ta prochaine réponse pour analyse ....

( Note : le rapport UsbFix.txt est sauvegardé a la racine du disque dur > C:\UsbFix.txt )


PS : Si le Bureau ne réapparait pas, presses Ctrl + Alt + Suppr , Onglet "Fichier"-> "Nouvelle tâche":
tapes explorer.exe et valides .



2- refais un scan RSIT , postes le nouveau rapport " log.txt " obtenu et attends la suite ...

-------------- UsbFix V2.395 ---------------

* User : Alexandre - MATRIX
* Outils mis a jours le 26/10/2008 par Chiquitine29 et Chimay8
* Recherche effectuée à 11:05:57 le 27/10/2008
* Windows Xp - Internet Explorer 7.0.5730.13


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\logonui.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\userinit.exe
C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\1.tmp\b2e.exe
C:\WINDOWS\system32\spoolsv.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe

D: - Lecteur fixe

F: - Lecteur fixe


+- Contenu de l'autorun : D:\autorun.inf

[autorun]
shellexecute="resycled\boot.com d:"
shell\Open\command="resycled\boot.com d:"
shell=Open

+- Contenu de l'autorun : F:\autorun.inf

[autorun]
shellexecute="resycled\boot.com f:"
shell\Open\command="resycled\boot.com f:"
shell=Open

--------------- [ Registre / Startup ] ----------------


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
RTHDCPL REG_SZ RTHDCPL.EXE
Alcmtr REG_SZ ALCMTR.EXE
JMB36X Configure REG_SZ C:\WINDOWS\system32\JMRaidTool.exe boot
Ai Quicker Help REG_SZ "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"
Gainward REG_SZ C:\Program Files\Vtune\TBPanel.exe /A
NvCplDaemon REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
nwiz REG_SZ nwiz.exe /install
NvMediaCenter REG_SZ RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
MMTray REG_SZ "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
mmtask REG_SZ "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
BigDog303 REG_SZ C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
LDM REG_SZ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
BitTorrent DNA REG_SZ "C:\Program Files\DNA\btdna.exe"
swg REG_SZ C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
eMuleAutoStart REG_SZ C:\Program Files\eMule\emule.exe -AutoStart
ccleaner REG_SZ "C:\Program Files\CCleaner\CCleaner.exe" /AUTO

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater

--------------- [ Registre / Mountpoint2 ] ----------------

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\AutoRun\command
Supprimé ! - HKEY_USERS\S-1-5-21-583907252-2000478354-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\Shell\AutoRun\command

--------------- [ Nettoyage des disques ] ----------------

Supprimé ! - D:\autorun.inf
Supprimé ! - D:\resycled
Supprimé ! - F:\autorun.inf
Supprimé ! - F:\resycled

--------------- ! Fin du rapport ! ----------------
Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
7
Logfile of random's system information tool 1.04 (written by random/random)
Run by Alexandre at 2008-10-27 11:12:26
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 169 GB (55%) free of 305 GB
Total RAM: 3071 MB (84% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:12:31, on 27/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Documents and Settings\Alexandre\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Alexandre.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Config\csrss.exe
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"
O4 - HKLM\..\Run: [Gainward] C:\Program Files\Vtune\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: bw+0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: ArchVision Content Manager Service - Unknown owner - C:\Program Files\ArchVision\ArchVision Content Manager\rpcACMapp.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe
Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
7
suite log.txt


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\DIGIEYE\avi\avi.exe"="C:\DIGIEYE\avi\avi.exe:*:Enabled:avi"
"C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe"="C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe:*:Enabled:Autodesk 3ds Max 9 32-bit"
"C:\Program Files\Autodesk\Backburner\monitor.exe"="C:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor"
"C:\Program Files\Autodesk\Backburner\manager.exe"="C:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager"
"C:\Program Files\Autodesk\Backburner\server.exe"="C:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server"
"C:\Program Files\HomePlayer\HomePlayer.exe"="C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 2 months======

2008-10-27 11:05:57 ----A---- C:\UsbFix.txt
2008-10-27 11:03:53 ----D---- C:\Program Files\UsbFix
2008-10-27 10:36:50 ----D---- C:\rsit
2008-10-27 10:35:17 ----D---- C:\Program Files\Trend Micro
2008-10-27 00:06:41 ----D---- C:\Program Files\CCleaner
2008-10-26 23:32:34 ----D---- C:\Program Files\eToro
2008-10-26 23:28:53 ----D---- C:\Documents and Settings\Alexandre\Application Data\Malwarebytes
2008-10-26 23:28:47 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-26 23:28:47 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-26 23:09:08 ----A---- C:\WINDOWS\system32\sapphire_ae.dll
2008-10-26 23:09:08 ----A---- C:\WINDOWS\system32\mkl_genarts.dll
2008-10-26 23:09:08 ----A---- C:\WINDOWS\system32\libguide40.dll
2008-10-26 23:09:05 ----D---- C:\Program Files\GenArts
2008-10-26 23:09:05 ----A---- C:\WINDOWS\MSUTIL.INI
2008-10-26 23:07:12 ----A---- C:\WINDOWS\unvise32.exe
2008-10-26 17:31:33 ----D---- C:\Program Files\Pixologic
2008-10-26 17:31:12 ----D---- C:\WINDOWS\Downloaded Installations
2008-10-25 02:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-24 10:17:37 ----D---- C:\Documents and Settings\Alexandre\Application Data\Google
2008-10-24 10:11:37 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-10-24 10:11:32 ----D---- C:\Program Files\Google
2008-10-24 10:11:03 ----D---- C:\Program Files\NOS
2008-10-24 10:11:03 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-10-20 07:18:43 ----D---- C:\Documents and Settings\Alexandre\Application Data\Corel
2008-10-20 07:16:00 ----D---- C:\Program Files\Corel
2008-10-20 07:16:00 ----D---- C:\Documents and Settings\All Users\Application Data\Corel
2008-10-17 11:12:48 ----D---- C:\Program Files\DNA
2008-10-17 11:12:48 ----D---- C:\Documents and Settings\Alexandre\Application Data\DNA
2008-10-15 21:58:31 ----A---- C:\WINDOWS\system32\javaws.exe
2008-10-15 21:58:31 ----A---- C:\WINDOWS\system32\javaw.exe
2008-10-15 21:58:31 ----A---- C:\WINDOWS\system32\java.exe
2008-10-15 21:44:10 ----A---- C:\WINDOWS\ui_bitmapviewer.ini
2008-10-15 21:36:47 ----A---- C:\WINDOWS\NUGRAF.INI
2008-10-15 21:36:02 ----D---- C:\Program Files\NuGraf
2008-10-15 21:33:55 ----D---- C:\plugins
2008-10-15 21:33:54 ----D---- C:\Program Files\Bionatics
2008-10-15 21:33:54 ----D---- C:\Documents and Settings\All Users\Application Data\Bionatics
2008-10-15 21:26:39 ----D---- C:\Program Files\ArchVision
2008-10-15 21:23:41 ----D---- C:\Program Files\Macrovision
2008-10-15 21:22:23 ----D---- C:\Documents and Settings\Alexandre\Application Data\Sun
2008-10-15 21:22:14 ----D---- C:\Program Files\Java
2008-10-15 21:22:14 ----D---- C:\Program Files\Fichiers communs\Java
2008-10-15 21:21:23 ----D---- C:\Documents and Settings\Alexandre\Application Data\Autodesk
2008-10-15 21:14:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-15 21:14:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-15 21:14:30 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-15 21:14:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-15 21:13:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-13 23:26:18 ----A---- C:\WINDOWS\CD_Start.INI
2008-10-12 16:47:10 ----A---- C:\WINDOWS\ODBC.INI
2008-10-12 16:46:21 ----D---- C:\Program Files\Fichiers communs\Designer
2008-10-12 16:45:42 ----D---- C:\WINDOWS\ShellNew
2008-10-12 16:45:28 ----D---- C:\Program Files\Microsoft Office
2008-10-11 19:30:20 ----D---- C:\Program Files\Yahoo!
2008-10-11 19:29:33 ----D---- C:\Program Files\RM-X® Video Converter 2
2008-10-11 16:51:18 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2008-10-11 16:51:18 ----A---- C:\WINDOWS\system32\i420vfw.dll
2008-10-11 16:51:18 ----A---- C:\WINDOWS\system32\devil.dll
2008-10-11 16:51:18 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2008-10-11 16:51:18 ----A---- C:\WINDOWS\system32\avisynth.dll
2008-10-11 16:51:18 ----A---- C:\WINDOWS\MOTA113.exe
2008-10-11 16:51:17 ----D---- C:\Program Files\AviSynth 2.5
2008-10-11 16:51:17 ----A---- C:\WINDOWS\x2.64.exe
2008-10-11 16:51:17 ----A---- C:\WINDOWS\system32\x.264.exe
2008-10-11 16:51:17 ----A---- C:\WINDOWS\meta4.exe
2008-10-11 16:29:33 ----D---- C:\Program Files\MediaCoder
2008-10-11 09:15:10 ----D---- C:\WINDOWS\Minidump
2008-10-11 09:01:45 ----D---- C:\Documents and Settings\Alexandre\Application Data\Media Player Classic
2008-10-11 09:01:02 ----D---- C:\Program Files\Combined Community Codec Pack
2008-10-10 21:08:22 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-10-10 19:44:23 ----A---- C:\vraylog.txt
2008-10-10 19:18:08 ----D---- C:\Program Files\Fichiers communs\ChaosGroup
2008-10-10 19:18:08 ----A---- C:\VRLServer.txt
2008-10-10 19:18:02 ----D---- C:\Program Files\Chaos Group
2008-10-10 11:55:27 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2008-10-10 02:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2008-10-10 02:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2008-10-10 02:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-10-09 20:42:57 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-10-09 20:42:56 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2008-10-09 20:42:45 ----D---- C:\Program Files\Windows Media Connect 2
2008-10-09 20:42:38 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2008-10-09 20:42:08 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-10-09 20:41:51 ----D---- C:\WINDOWS\system32\LogFiles
2008-10-09 20:41:48 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-10-05 12:56:48 ----D---- C:\Program Files\HomePlayer
2008-10-04 14:30:50 ----D---- C:\Program Files\Fichiers communs\Autodesk Shared
2008-10-04 11:52:35 ----D---- C:\Documents and Settings\All Users\Application Data\Autodesk
2008-10-04 11:51:05 ----D---- C:\Program Files\Autodesk
2008-10-04 11:49:42 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-09-30 18:22:14 ----A---- C:\WINDOWS\VMZoom.exe
2008-09-30 18:22:14 ----A---- C:\WINDOWS\VMPipe.dll
2008-09-30 18:22:14 ----A---- C:\WINDOWS\vidcap32.Exe
2008-09-30 18:22:13 ----D---- C:\WINDOWS\EffectResources
2008-09-30 18:22:13 ----D---- C:\WINDOWS\CatRoot
2008-09-30 18:22:13 ----D---- C:\Program Files\Vimicro
2008-09-30 18:22:13 ----A---- C:\WINDOWS\VM303Cap.exe
2008-09-30 18:22:13 ----A---- C:\WINDOWS\VM303_STI.exe
2008-09-30 18:22:13 ----A---- C:\WINDOWS\system32\VM303STI.dll
2008-09-30 18:22:13 ----A---- C:\WINDOWS\Sti303.exe
2008-09-30 18:22:13 ----A---- C:\WINDOWS\RunSetup.dll
2008-09-30 18:22:13 ----A---- C:\WINDOWS\amcap.exe
2008-09-30 18:01:59 ----D---- C:\Documents and Settings\Alexandre\Application Data\Help
2008-09-30 17:47:39 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2008-09-30 17:33:53 ----A---- C:\WINDOWS\unvpeye.ini
2008-09-12 02:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

======List of files/folders modified in the last 2 months======

2008-10-27 11:11:49 ----D---- C:\WINDOWS\Prefetch
2008-10-27 11:11:44 ----D---- C:\WINDOWS\Temp
2008-10-27 11:06:09 ----D---- C:\Documents and Settings\Alexandre\Application Data\WTablet
2008-10-27 11:06:08 ----D---- C:\WINDOWS
2008-10-27 11:04:33 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-10-27 11:04:32 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-27 11:03:53 ----D---- C:\Program Files
2008-10-27 11:01:56 ----A---- C:\WINDOWS\DFC.INI
2008-10-27 09:53:51 ----D---- C:\Documents and Settings\Alexandre\Application Data\Vso
2008-10-27 09:10:51 ----D---- C:\Program Files\eMule
2008-10-27 03:00:59 ----SHD---- C:\WINDOWS\Installer
2008-10-27 03:00:36 ----D---- C:\Config.Msi
2008-10-27 00:28:36 ----A---- C:\WINDOWS\RTacDbg.txt
2008-10-27 00:25:03 ----D---- C:\WINDOWS\Debug
2008-10-27 00:18:01 ----D---- C:\WINDOWS\system32
2008-10-26 23:41:33 ----D---- C:\WINDOWS\system32\drivers
2008-10-26 23:18:44 ----HD---- C:\WINDOWS\inf
2008-10-26 17:31:48 ----SD---- C:\Documents and Settings\Alexandre\Application Data\Microsoft
2008-10-26 09:22:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-25 02:01:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-25 02:00:44 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-24 10:35:35 ----D---- C:\Documents and Settings\Alexandre\Application Data\Adobe
2008-10-24 10:35:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-10-24 10:34:21 ----D---- C:\Program Files\Fichiers communs\Adobe
2008-10-24 10:33:57 ----D---- C:\Program Files\Adobe
2008-10-24 10:11:06 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-10-22 15:21:54 ----D---- C:\Documents and Settings\Alexandre\Application Data\BitTorrent
2008-10-22 14:57:35 ----D---- C:\Documents and Settings\Alexandre\Application Data\ZoomBrowser EX
2008-10-17 11:12:51 ----D---- C:\Program Files\BitTorrent
2008-10-15 22:28:59 ----D---- C:\WINDOWS\Microsoft.NET
2008-10-15 22:28:58 ----RSD---- C:\WINDOWS\assembly
2008-10-15 21:47:30 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-15 21:36:22 ----D---- C:\WINDOWS\WinSxS
2008-10-15 21:22:14 ----D---- C:\Program Files\Fichiers communs
2008-10-15 21:14:19 ----D---- C:\Program Files\Internet Explorer
2008-10-15 21:14:11 ----D---- C:\WINDOWS\ie7updates
2008-10-15 21:08:37 ----D---- C:\WINDOWS\system32\mui
2008-10-15 21:07:23 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-10-15 17:35:43 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-12 17:19:38 ----A---- C:\WINDOWS\win.ini
2008-10-12 16:45:49 ----D---- C:\Program Files\Fichiers communs\System
2008-10-12 16:45:46 ----RSD---- C:\WINDOWS\Fonts
2008-10-12 16:45:28 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-10-12 16:43:37 ----D---- C:\WINDOWS\system
2008-10-10 11:57:08 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-10 02:07:00 ----D---- C:\Program Files\Windows Media Player
2008-10-09 20:42:43 ----D---- C:\WINDOWS\Help
2008-10-07 20:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-04 14:29:38 ----D---- C:\WINDOWS\system32\DirectX
2008-10-03 18:12:27 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-09-30 18:22:13 ----D---- C:\WINDOWS\twain_32
2008-09-30 17:32:14 ----D---- C:\Program Files\Fichiers communs\InstallShield
2008-09-13 16:44:34 ----D---- C:\Documents and Settings\All Users\Application Data\ZoomBrowser

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2005-12-22 5685]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-07-12 21035]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2002-07-27 5306]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-17 4262912]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2005-05-20 13056]
R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2005-05-20 54528]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2005-05-20 68352]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-08-11 3958496]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-06-16 176128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2007-02-16 12848]
R3 WacomVKHid;Virtual Keyboard Driver; C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-15 11440]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-03-30 230400]
R3 ZSMC303;VIMICRO USB PC Camera (ZC0301PLH); C:\WINDOWS\System32\Drivers\usbVM303.sys [2005-06-22 389756]
S3 Asushwio;Asushwio; \??\C:\WINDOWS\system32\drivers\Asushwio.sys []
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 Ndisprot;ArcNet NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\Ndisprot.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2008-10-05 72704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
R2 mi-raysat_3dsmax9_32;mental ray 3.5 Satellite (32-bit); C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe [2006-09-29 65536]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-08-11 155715]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
R2 TabletServiceWacom;TabletServiceWacom; C:\WINDOWS\system32\Wacom_Tablet.exe [2007-09-07 1373480]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
S2 ArchVision Content Manager Service;ArchVision Content Manager Service; C:\Program Files\ArchVision\ArchVision Content Manager\rpcACMapp.exe --service --path C:\Program Files\ArchVision\ArchVision Content Manager []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-13 654848]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-24 138168]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
445
Impec ... on continue , dans l'ordre :


1- Pour nettoyer UsbFix :

* Vas sur " démarrer " / "tous les programmes" / "UsbFix" --> cliques sur "Uninstal Usbfix" .

* Ou bien rends toi dans ce dossier > C:\Program Files\UsbFix .
là tu double-cliques sur le fichier " Uninstal.exe " pour désinstaller proprement l'outil ...

=========================

2- Télécharges : - CCleaner
http://www.pcastuces.com/logitheque/ccleaner.htm
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corriger ton registre .
Lors de l'installation:
-choisis bien "francais" en langue .
-avant de cliquer sur le bouton "installer", décoches toutes les "options supplémentaires" sauf les 2 premières.


Un tuto ( aide ):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

---> Utilisation:
! déconnectes toi et fermes toutes applications en cours !
* vas dans "nettoyeur" : fait analyse puis nettoyage
* vas dans "registre" : fait chercher les erreurs et réparer ( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .

( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )

============================

3- Télécharges SDFix sur ton bureau :
ici http://downloads.andymanchesta.com/RemovalTools/SDFix.exe.
ou ici http://sdfix.net/SDFix.exe

--> Double-cliques sur SDFix.exe et choisis "Install" .

( tuto ici : http://www.malekal.com/tutorial_SDFix.php )

Puis une fois l'installe faite ,

Impératif : Démarrer en mode sans echec .

/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\

Comment aller en Mode sans échec :
1) Redémarres ton ordi .
2) Tapotes la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip" .
3) Tu tapotes jusqu' à l'apparition de l'écran avec les options de démarrage .
4) Choisis la première option : Sans Échec , et valides en tapant sur [Entrée] .
5) Choisis ton compte habituel ( et pas Administrateur ).
attention : pas de connexion possible en mode sans échec , donc copies ou imprimes bien la manipe pour éviter les erreurs ...

Ouvres le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double cliques sur RunThis.bat pour lancer le script.
--->Tapes Y pour lancer le script ...
Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire , donc :
presses une touche pour redémarrer quand il te le sera demandé .

Le PC va mettre du temps avant de démarrer ( c'est normale ), après le chargement du Bureau presses une touche lorsque "Finished" s'affiche .

Le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier
C:\SDFix sous le nom "Report.txt".
Postes ce dernier dans ta prochaine réponse pour analyse ...


une fois ce rapport posté , fais la suite :

====================================

4- Hijackthis :
tuto pour utilisation :
Regardes ici, c'est parfaitement expliqué en images (merci balltrap34),
http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
( Ne fixes encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement )

!! Déconnectes toi et fermes toute tes applications en cours !!

Cliques sur le raccourci du bureau pour lancer le prg :
fais un scan HijackThis en cliquant sur : "Do a system scan and save a logfile"

---> Postes le rapport généré pour analyse ...
Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
7
[b]SDFix: Version 1.238 [/b]
Run by Alexandre on 27/10/2008 at 11:52

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

Trojan Files Found:

C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\tmp32.tmp - Deleted





Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-27 12:49:19
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install\VxDs]
"CTE_32 Name"="2454766:{301564B2-67A6-1A66-9C4E-A1FE91DE9752}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Install]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Install\xga-1-{39EAEDE6-D882-6EC3-3280-607BE98135BF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Install\xga-1-{39EAEDE6-D882-6EC3-3280-607BE98135BF}\Version 1.1]
"dat"="806585365:{8944E6FA-BE7B-1702-1E18-510E0544A9D5}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\{B1841F67-4568-093F-BD57-50D89DFACC9D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\{B1841F67-4568-093F-BD57-50D89DFACC9D}\Install]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\{B1841F67-4568-093F-BD57-50D89DFACC9D}\Install\xga-3]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\{B1841F67-4568-093F-BD57-50D89DFACC9D}\Install\xga-3\dat]
"default"="518022161:{CAA9282F-6A24-7D8E-1178-8A94E8E35D46}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX\Current]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX\Current\Install]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX\Current\Install\xga-1-{39EAEDE6-D882-6EC3-3280-607BE98135BF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX\Current\Install\xga-1-{39EAEDE6-D882-6EC3-3280-607BE98135BF}\Version 3.x]
"dat"="1767914624:{6D6AE562-7D73-14B3-057E-1752815293B9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smase._dll]
"AplicationGoo"="6dêý47~f367\x81ÚÖ132d:"
"ChkAppHelp"="{AA775AF1-F243-87C8-4B38-145AD9E9D02E}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:000000cf

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\DIGIEYE\\avi\\avi.exe"="C:\\DIGIEYE\\avi\\avi.exe:*:Enabled:avi"
"C:\\Program Files\\Autodesk\\3ds Max 9\\3dsmax.exe"="C:\\Program Files\\Autodesk\\3ds Max 9\\3dsmax.exe:*:Enabled:Autodesk 3ds Max 9 32-bit"
"C:\\Program Files\\Autodesk\\Backburner\\monitor.exe"="C:\\Program Files\\Autodesk\\Backburner\\monitor.exe:*:Enabled:backburner 2.3 monitor"
"C:\\Program Files\\Autodesk\\Backburner\\manager.exe"="C:\\Program Files\\Autodesk\\Backburner\\manager.exe:*:Enabled:backburner 2.3 manager"
"C:\\Program Files\\Autodesk\\Backburner\\server.exe"="C:\\Program Files\\Autodesk\\Backburner\\server.exe:*:Enabled:backburner 2.3 server"
"C:\\Program Files\\HomePlayer\\HomePlayer.exe"="C:\\Program Files\\HomePlayer\\HomePlayer.exe:*:Enabled:HomePlayer"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[b]Remaining Files [/b]:


File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Mon 20 Oct 2008 8 ..SHR --- "C:\WINDOWS\system32\D8EDEAC70E.sys"
Wed 22 Oct 2008 1,056 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Fri 10 Oct 2008 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 5 Aug 2001 739 ..SH. --- "C:\Program Files\Pixologic\ZBrush3\zmem02svr.dll"
Thu 9 Oct 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

[b]Finished![/b]
Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
7
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:25:17, on 27/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe
C:\Program Files\Vtune\TBPanel.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"
O4 - HKLM\..\Run: [Gainward] C:\Program Files\Vtune\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: bw+0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: ArchVision Content Manager Service - Unknown owner - C:\Program Files\ArchVision\ArchVision Content Manager\rpcACMapp.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe
Messages postés
21360
Date d'inscription
samedi 15 mars 2008
Statut
Contributeur sécurité
Dernière intervention
30 décembre 2012
445
Bien ...


1- un coup de CCleaner :
Un tuto ( aide ):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

---> Utilisation:
! déconnectes toi et fermes toutes applications en cours !
* vas dans "nettoyeur" : fait analyse puis nettoyage
* vas dans "registre" : fait chercher les erreurs et réparer ( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .


2- Télécharges MalwareByte's :
ici ftp://ftp.commentcamarche.com/download/mbam-setup.exe
ou ici : http://www.malwarebytes.org/mbam.php

Installes le ( choisis bien "francais" ; ne modifies pas les paramètres d'installe ) et mets le à jour .

(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharges le ici : http://www.malekal.com/download/comctl32.ocx )

Potasses le tuto pour te familiariser avec le prg :
http://forum.pcastuces.com/sujet.asp?f=31&s=3
http://forum-aide-contre-virus.be/tutoriel%20malwarebytes.html
( cela dis, il est très simple d'utilisation ).

Impératif : Démarrer en mode sans echec .

/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\

Comment aller en Mode sans échec :
1) Redémarres ton ordi .
2) Tapotes la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip" .
3) Tu tapotes jusqu' à l'apparition de l'écran avec les options de démarrage .
4) Choisis la première option : Sans Échec , et valides en tapant sur [Entrée] .
5) Choisis ton compte habituel ( et pas Administrateur ).
attention : pas de connexion possible en mode sans échec , donc copies ou imprimes bien la manipe pour éviter les erreurs ...

Lances Malwarebyte's .

Fais un scan dit "complet" ( sélectionnes bien tous tes disks avant le scan ! ) et supprimes tout ce qu'il peut trouver, c'est à dire :
-->Laisses le scan se terminer,puis à la fin tu cliques sur "résultat" .
-->Vérifies que tous les objets infectés soient validés, puis cliques sur " suppression " .

Redémarres ton PC ( mode normal ).

Postes le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date) accompagné d'un nouvel hijackthis ( fait en mode normal ) ...

Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
7
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1327
Windows 5.1.2600 Service Pack 3

27/10/2008 17:07:36
mbam-log-2008-10-27 (17-07-36).txt

Type de recherche: Examen complet (C:\|D:\|F:\|)
Eléments examinés: 188141
Temps écoulé: 3 hour(s), 12 minute(s), 19 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Messages postés
66
Date d'inscription
lundi 27 octobre 2008
Statut
Membre
Dernière intervention
26 mars 2013
7
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:12:40, on 27/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Vtune\TBPanel.exe
C:\Program Files\ASUS\ASUS DH Remote\AsDhRemote.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"
O4 - HKLM\..\Run: [Gainward] C:\Program Files\Vtune\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: bw+0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B1A5ABF2-0AF4-4DDF-A998-D0192E588566} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: ArchVision Content Manager Service - Unknown owner - C:\Program Files\ArchVision\ArchVision Content Manager\rpcACMapp.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe
1 2