Help, removing winferno and schredder (Topic solved)
olam31
Posted on 25/09/2009 at 10:46
Petit astucien

Hello,

following a download, some programs installed themselves that I can't manage to remove, namely winferno, schredder, playalot games, pc confidential.

I'm pretty hopeless with computers. Can someone help me? Thank you very much.



Edited by olam31 on 25/09/2009 11:07
nardino
Posted on 25/09/2009 at 11:19
Grand Maître astucien

Hello.

Download RSIT by random/random to the Desktop:
http://images.malwareremoval.com/random/RSIT.exe

Double-click RSIT.exe to launch the tool; it does not require installation.
Click Continue on the Disclaimer screen if you accept the terms.
If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and accept the license.

When the scan has finished, two text files will open.
Post the contents of log.txt, the one that will open, and close info.txt, which is minimized in the Taskbar.

Note:
These reports are saved in the C:\rsit folder.
Under Vista/Seven, you have to launch the file by right-clicking it and choosing Run as administrator.

See you later.

olam31
Posted on 25/09/2009 at 18:40
Petit astucien

hello, thank you for coming to my rescue...

Here is the content of log - Notepad. I closed info - Notepad as recommended. (I imagine these files are the equivalent of log and info.txt)

Here it is:

Logfile of random's system information tool 1.06 (written by random/random)
Run by isabelle at 2009-09-25 18:36:36
Microsoft Windows XP Professionnel Service Pack 2
System drive G: has 111 GB (80%) free of 140 GB
Total RAM: 1279 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:36:46, on 25/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
G:\Program Files\Alwil Software\Avast4\ashServ.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\system32\RUNDLL32.EXE
G:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
G:\Program Files\Logitech\QuickCam10\QuickCam10.exe
G:\Program Files\ScanSoft\OmniPageSE\opware32.exe
G:\Program Files\HP\HP Software Update\HPWuSchd2.exe
G:\Program Files\HP\hpcoretech\hpcmpmgr.exe
G:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
G:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
G:\Program Files\iTunes\iTunesHelper.exe
G:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Documents and Settings\isabelle\Application Data\Delivery\DeliveryManager.EXE
g:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
G:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
G:\Program Files\Bonjour\mDNSResponder.exe
G:\WINDOWS\system32\CTsvcCDA.EXE
G:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
G:\WINDOWS\system32\nvsvc32.exe
G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
G:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Logitech\QuickCam10\COCIManager.exe
G:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
G:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
G:\Program Files\iPod\bin\iPodService.exe
G:\Program Files\Windows Live\Contacts\wlcomm.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\wuauclt.exe
G:\WINDOWS\system32\wuauclt.exe
G:\Program Files\Internet Explorer\IEXPLORE.EXE

See you soon

olam31
Posted on 25/09/2009 at 18:44
Petit astucien

hello again

sorry, I forgot a (big) part of it, oops.

Here it is

G:\Program Files\Windows Live\Toolbar\wltuser.exe
G:\Documents and Settings\isabelle\Local Settings\Temporary Internet Files\Content.IE5\83URSLIJ\RSIT[1].exe
G:\Program Files\trend micro\isabelle.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - G:\Program Files\Winferno\PC Confidential\PCCBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - G:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - G:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: PriceGong - {D2A2595C-4FE4-4315-AA9B-19DBD6271B71} - G:\Program Files\PriceGong\1.5.0\PriceGongIE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - G:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - G:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - G:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] G:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "G:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "G:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LogitechSetup] E:\Setup\Setup.exe /restart /l:fra
O4 - HKLM\..\Run: [Omnipage] G:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [zzzHPSETUP] E:\Setup.exe \RESET
O4 - HKLM\..\Run: [HP Software Update] "G:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "G:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LVCOMSX] "G:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] G:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [avast!] G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "G:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LDM] G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: DeliveryManager.lnk = G:\Documents and Settings\isabelle\Application Data\Delivery\DeliveryManager.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = G:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = G:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - G:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - G:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - G:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O18 - Protocol: bw+0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - G:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - G:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Service Google Update (gupdate1c995c7b9400682) (gupdate1c995c7b9400682) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - G:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - G:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - g:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - G:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - G:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - G:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - G:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

--
End of file - 23731 bytes

======Scheduled tasks folder======

G:\WINDOWS\tasks\AppleSoftwareUpdate.job
G:\WINDOWS\tasks\Google Software Updater.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
G:\WINDOWS\tasks\PCConfidential.job
G:\WINDOWS\tasks\RegPowerClean.job
G:\WINDOWS\tasks\RPCReminder.job
G:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF}]
PCCBHO.CPCCBHO - G:\Program Files\Winferno\PC Confidential\PCCBHO.dll [2008-04-01 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - G:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - G:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-24 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - G:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-07-24 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - G:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-07-24 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}]
PriceGongCtrl Class - G:\Program Files\PriceGong\1.5.0\PriceGongIE.dll [2009-08-11 288056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - G:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C}
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - G:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - G:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-24 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=G:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=G:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"NeroFilterCheck"=G:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"LogitechCommunicationsManager"=G:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe [2006-06-26 497200]
"LogitechQuickCamRibbon"=G:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2006-06-26 614960]
"LogitechSetup"=E:\Setup\Setup.exe /restart /l:fra []
"Omnipage"=G:\Program Files\ScanSoft\OmniPageSE\opware32.exe [2002-06-03 49152]
"zzzHPSETUP"=E:\Setup.exe \RESET []
"HP Software Update"=G:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=G:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"LVCOMSX"=G:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe [2006-06-26 243248]
"ArcSoft Connection Service"=G:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2007-06-06 64256]
"avast!"=G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
"Adobe Reader Speed Launcher"=G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"AppleSyncNotifier"=G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-11-07 111936]
"QuickTime Task"=G:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=G:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=G:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-06-01 153136]
"LDM"=G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-06-23 36864]
"MsnMsgr"=G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Detector]
G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [2004-10-05 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
G:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2007-07-18 451872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\G:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LUMIX Simple Viewer.lnk]
G:\PROGRA~1\PANASO~1\LUMIXS~1\PHLEAU~1.EXE [2007-02-13 63696]

G:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - G:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Démarrage rapide du logiciel HP Image Zone.lnk - G:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
HP Digital Imaging Monitor.lnk - G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

G:\Documents and Settings\isabelle\Menu Démarrer\Programmes\Démarrage
DeliveryManager.lnk - G:\Documents and Settings\isabelle\Application Data\Delivery\DeliveryManager.EXE

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"G:\Program Files\Messenger\msmsgs.exe"="G:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"G:\Program Files\NewSoft\Presto! PageManager 6\NetGroup.exe"="G:\Program Files\NewSoft\Presto! PageManager 6\NetGroup.exe:*:Enabled:Groupe Réseau"
"G:\Program Files\eMule\emule.exe"="G:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"G:\Program Files\Bonjour\mDNSResponder.exe"="G:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"G:\Program Files\Firaxis Games\Sid Meier's Civilization 4 Demo\Civilization4.exe"="G:\Program Files\Firaxis Games\Sid Meier's Civilization 4 Demo\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4 Demo"
"G:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe"="G:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"G:\Program Files\Windows Live\Messenger\wlcsdk.exe"="G:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"G:\Program Files\Windows Live\Messenger\msnmsgr.exe"="G:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"G:\Program Files\iTunes\iTunes.exe"="G:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"G:\Program Files\Windows Live\Messenger\wlcsdk.exe"="G:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"G:\Program Files\Windows Live\Messenger\msnmsgr.exe"="G:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{852a260e-d35f-11dd-ae29-000c6ed93220}]
shell\AutoRun\command - G:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL game.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b66a5ed0-e60a-11dd-ae46-000c6ed93220}]
shell\AutoRun\command - H:\autorun.exe


======List of files/folders created in the last 1 months======

2009-09-25 18:36:36 ----D---- G:\rsit
2009-09-25 18:36:36 ----D---- G:\Program Files\trend micro
2009-09-22 23:02:33 ----D---- G:\Documents and Settings\All Users\Application Data\Winferno
2009-09-22 23:01:55 ----D---- G:\Documents and Settings\isabelle\Application Data\Titanium Gears
2009-09-22 23:01:23 ----D---- G:\Program Files\Playalot Games
2009-09-22 23:00:40 ----D---- G:\Program Files\Common Files
2009-09-22 23:00:29 ----D---- G:\Program Files\Free Offers from Freeze.com
2009-09-22 23:00:15 ----A---- G:\WINDOWS\system32\WINUTIL5.DLL
2009-09-22 23:00:14 ----A---- G:\WINDOWS\system32\WINLCTL5.DLL
2009-09-22 23:00:08 ----D---- G:\Program Files\Winferno
2009-09-22 22:59:57 ----D---- G:\Documents and Settings\isabelle\Application Data\Yahoo!
2009-09-22 22:59:56 ----D---- G:\Program Files\PriceGong
2009-09-22 22:59:56 ----D---- G:\Documents and Settings\isabelle\Application Data\PriceGong
2009-09-22 22:59:53 ----D---- G:\Program Files\Yahoo!
2009-09-22 22:52:46 ----D---- G:\Program Files\vghd
2009-09-22 22:52:45 ----D---- G:\Documents and Settings\isabelle\Application Data\vghd
2009-09-22 22:52:27 ----D---- G:\Program Files\TorrentSpeeder
2009-09-14 22:28:26 ----A---- G:\WINDOWS\system32\kbdkor.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbdjpn.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbd106.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbd103.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbd101c.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbd101b.dll
2009-09-09 09:01:35 ----HDC---- G:\WINDOWS\$NtUninstallKB956844$
2009-09-09 09:01:27 ----HDC---- G:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-09 09:01:01 ----HDC---- G:\WINDOWS\$NtUninstallKB971961$
2009-08-26 10:12:24 ----HDC---- G:\WINDOWS\$NtUninstallKB970653-v3$

======List of files/folders modified in the last 1 months======

2009-09-25 18:36:36 ----RD---- G:\Program Files
2009-09-25 18:33:00 ----D---- G:\WINDOWS\Temp
2009-09-25 18:31:53 ----SD---- G:\WINDOWS\Tasks
2009-09-25 18:31:28 ----D---- G:\WINDOWS
2009-09-25 11:16:38 ----A---- G:\WINDOWS\SchedLgU.Txt
2009-09-25 10:53:10 ----D---- G:\Program Files\Everest Poker
2009-09-25 09:01:41 ----D---- G:\Documents and Settings\All Users\Application Data\Google Updater
2009-09-23 19:24:32 ----D---- G:\Program Files\AVS4YOU
2009-09-23 19:24:13 ----D---- G:\Program Files\Fichiers communs\AVSMedia
2009-09-22 23:01:42 ----SHD---- G:\WINDOWS\Installer
2009-09-22 23:01:42 ----HD---- G:\Config.Msi
2009-09-22 23:00:27 ----D---- G:\WINDOWS\system32
2009-09-15 00:57:24 ----D---- G:\WINDOWS\system32\CatRoot2
2009-09-14 22:28:32 ----RSHDC---- G:\WINDOWS\system32\dllcache
2009-09-14 22:28:30 ----RSD---- G:\WINDOWS\Fonts
2009-09-14 19:32:21 ----A---- G:\WINDOWS\PhotoSnapViewer.INI
2009-09-09 12:37:10 ----D---- G:\Program Files\Microsoft Silverlight
2009-09-09 09:01:39 ----HD---- G:\WINDOWS\inf
2009-09-09 09:01:39 ----A---- G:\WINDOWS\imsins.BAK
2009-09-09 09:01:34 ----HD---- G:\WINDOWS\$hf_mig$
2009-09-02 09:54:19 ----D---- G:\WINDOWS\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; G:\WINDOWS\system32\drivers\Aavmker4.sys [2009-08-17 26944]
R1 AmdK7;Pilote de processeur AMD K7; G:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-04 41600]
R1 aswSP;avast! Self Protection; G:\WINDOWS\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; G:\WINDOWS\system32\drivers\aswTdi.sys [2009-08-17 51376]
R2 aswFsBlk;aswFsBlk; G:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
R2 aswMon2;avast! Standard Shield Support; G:\WINDOWS\system32\drivers\aswMon2.sys [2009-08-17 94160]
R2 fssfltr;FssFltr; G:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 mdmxsdk;mdmxsdk; G:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R3 Afc;PPdus ASPI Shell; G:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 aswRdr;aswRdr; G:\WINDOWS\system32\drivers\aswRdr.sys [2009-08-17 23152]
R3 FilterService;UVC Filter Service; G:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2006-06-23 20272]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; G:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HSF_DP;HSF_DP; G:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; G:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 LVcKap;Logitech AEC Driver; G:\WINDOWS\system32\DRIVERS\LVcKap.sys [2006-06-26 1587632]
R3 LVMVDrv;Logitech Machine Vision Engine Loader; G:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2006-06-26 1952816]
R3 lvpopflt;Logitech POP Suppression Filter; G:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2006-06-23 1413424]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; G:\WINDOWS\system32\drivers\LVPr2Mon.sys [2006-06-26 23472]
R3 lvselsus;Logitech Selective Suspend Filter; G:\WINDOWS\system32\DRIVERS\lvselsus.sys [2006-06-23 55984]
R3 LVUSBSta;Logitech USB Monitor Filter; G:\WINDOWS\system32\drivers\lvusbsta.sys [2006-06-23 38960]
R3 LVUVC;Logitech QuickCam Pro 5000(UVC); G:\WINDOWS\system32\DRIVERS\lvuvc.sys [2006-06-23 961072]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; G:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; G:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 nv;nv; G:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; G:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; G:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-09-23 80896]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; G:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
R3 usbaudio;Pilote USB audio (WDM); G:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Pilote parent générique USB Microsoft; G:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; G:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; G:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; G:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 winachsf;winachsf; G:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S1 kbdhid;Pilote HID de clavier; G:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S2 asc3550p;asc3550p; G:\WINDOWS\system32\drivers\asc3550p.sys []
S3 CCDECODE;Décodeur sous-titre fermé; G:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 HidUsb;Pilote de classe HID Microsoft; G:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; G:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; G:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; G:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; G:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;Détrameur décalage BDA; G:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; G:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBAAPL;Apple Mobile USB Driver; G:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-26 36864]
S3 usbprint;Classe d'imprimantes USB Microsoft; G:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; G:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; G:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;Périphérique vidéo USB (WDM); G:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 WSTCODEC;Codec Teletext standard; G:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; G:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor;Adobe Active File Monitor; G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-20 98304]
R2 Apple Mobile Device;Apple Mobile Device; G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 avast! Antivirus;avast! Antivirus; G:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 Bonjour Service;Service Bonjour; G:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; G:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-13 44032]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; G:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-07-25 79136]
R2 LVPrcSrv;Logitech Process Monitor; g:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2006-06-26 99888]
R2 NVSvc;NVIDIA Display Driver Service; G:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect; G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-20 118784]
R2 SeaPort;SeaPort; G:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 UMWdf;Windows User Mode Driver Framework; G:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
R3 avast! Web Scanner;avast! Web Scanner; G:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
R3 iPod Service;Service de l’iPod; G:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
R3 NMIndexingService;NMIndexingService; G:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S2 gupdate1c995c7b9400682;Service Google Update (gupdate1c995c7b9400682); G:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-23 133104]
S2 gusvc;Google Software Updater; G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S2 LVSrvLauncher;LVSrvLauncher; G:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe [2006-06-26 91696]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; G:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 aspnet_state;ASP.NET State Service; G:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; G:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; g:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Contrôle parental; G:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 IDriverT;InstallDriver Table Manager; G:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; g:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; G:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 ose;Office Source Engine; G:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-29 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; g:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

nardino
 Posted on 25/09/2009 at 19:49 
  Grand Maître astucien

Good evening.

For each of these programs, check whether there is an Uninstall file in its folder:

G:\Program Files\Playalot Games
G:\Program Files\Free Offers from Freeze.com
G:\Program Files\Winferno
G:\Program Files\PriceGong
G:\Program Files\vghd

If so, run them.

You can also look in Add/Remove Programs, or use Revo Uninstaller by VS Revo Group.

If not, we will use another method.

Also run antivirus and anti-spyware scans.

Download and install Malwarebytes' Anti-Malware by RubbeR DuckY
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

At the end of the installation, make sure the option Update Malwarebytes' Anti-Malware is checked. Click "Finish".
Launch Malwarebytes' Anti-Malware by double-clicking its icon on the desktop.
On first launch, a window tells you that this is the Free version; click OK.
Let the updates download, then close the program.

Launch Malwarebytes' Anti-Malware.
In the "Scan" tab, select Perform a full scan, then click Scan.
Select your hard drive and click Start scan.

When the scan finishes, select everything and click Remove selection.
Post the report together with the Avast one and let me know how it goes.
It is in the Reports/Logs tab, listed with the date and time it was run.

See you later.

olam31
 Posted on 25/09/2009 at 22:53 
Petit astucien

Good evening

I managed to remove (at least I think so): Winferno and PriceGong using the first procedure; Playalot with Revo Uninstaller (but apparently there are leftovers... and I don't understand why I got a message along the lines of "operation only possible with installed programs" when it was still installed; that isn't word for word, but it's the idea. I didn't write the message down at the time and I'm now writing it from memory, so it's approximate).

For vghd and Free Offers, there is no uninstaller and Revo did not find them.

Avast found nothing, so I have no report. (On that subject, a small aside: how can I tell whether I can delete the files in the quarantine area, or whether they are needed by the computer or by a program? Thanks.)

Malwarebytes is still running... I'll post the report as soon as it finishes. It is at three infected items so far...

Thank you

Kind regards and sincerely.

olam31
 Posted on 25/09/2009 at 23:21 
Petit astucien

Good evening

Here is the report

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2860
Windows 5.1.2600 Service Pack 2

25/09/2009 23:20:39
mbam-log-2009-09-25 (23-20-39).txt

Type de recherche: Examen complet (C:\|D:\|G:\|H:\|I:\|)
Eléments examinés: 275788
Temps écoulé: 2 hour(s), 25 minute(s), 51 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\asc3550p (Rootkit.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
G:\Documents and Settings\isabelle\Local Settings\Temp\HtmlControl.dll (Trojan.Agent) -> Quarantined and deleted successfully.
G:\Documents and Settings\isabelle\Local Settings\Temporary Internet Files\Content.IE5\83URSLIJ\INScript[1].dll (Trojan.Agent) -> Quarantined and deleted successfully.
G:\Program Files\Everest Poker\var\Everest Casino.exe (Rogue.AdorableCasino) -> Quarantined and deleted successfully.

Thank you

nardino
 Posted on 25/09/2009 at 23:50 
  Grand Maître astucien

Good evening.

The Avast report is missing.

See you later.

olam31
 Posted on 25/09/2009 at 23:59 
Petit astucien

Good evening

Avast found nothing; I have no report to show you.

See you later.

olam31
 Posted on 26/09/2009 at 00:05 
Petit astucien

Good evening again,

Did you see that I posted a message before the Malwarebytes report? In it I go into a bit of detail about what I did.

Thanks for your help

See you later.

nardino
 Posted on 26/09/2009 at 10:45 
  Grand Maître astucien

Hello

Post a new RSIT report.

See you later.

olam31
 Posted on 26/09/2009 at 21:04 
Petit astucien

Good evening

Sorry, but what is an RSIT report?

Thank you

olam31
 Posted on 26/09/2009 at 21:08 
Petit astucien

Good evening again

Forget the previous post, I just forgot to think...

Here is the requested RSIT report

Regards.

Logfile of random's system information tool 1.06 (written by random/random)
Run by isabelle at 2009-09-26 21:06:33
Microsoft Windows XP Professionnel Service Pack 2
System drive G: has 112 GB (80%) free of 140 GB
Total RAM: 1279 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:06:40, on 26/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
G:\Program Files\Alwil Software\Avast4\ashServ.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\system32\RUNDLL32.EXE
G:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
G:\Program Files\Logitech\QuickCam10\QuickCam10.exe
G:\Program Files\ScanSoft\OmniPageSE\opware32.exe
G:\Program Files\HP\HP Software Update\HPWuSchd2.exe
G:\Program Files\HP\hpcoretech\hpcmpmgr.exe
G:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
G:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
G:\Program Files\iTunes\iTunesHelper.exe
G:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
g:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
G:\Documents and Settings\isabelle\Application Data\Delivery\DeliveryManager.EXE
G:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
G:\Program Files\Bonjour\mDNSResponder.exe
G:\WINDOWS\system32\CTsvcCDA.EXE
G:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
G:\WINDOWS\system32\nvsvc32.exe
G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
G:\Program Files\Logitech\QuickCam10\COCIManager.exe
G:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
G:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
G:\Program Files\iPod\bin\iPodService.exe
G:\Program Files\Windows Live\Contacts\wlcomm.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\wuauclt.exe
G:\Program Files\Internet Explorer\IEXPLORE.EXE
G:\Program Files\Windows Live\Toolbar\wltuser.exe
G:\Documents and Settings\isabelle\Local Settings\Temporary Internet Files\Content.IE5\N0H1V0OK\RSIT[1].exe
G:\Program Files\trend micro\isabelle.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - G:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - G:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - G:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - G:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - G:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] G:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "G:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "G:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LogitechSetup] E:\Setup\Setup.exe /restart /l:fra
O4 - HKLM\..\Run: [Omnipage] G:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [zzzHPSETUP] E:\Setup.exe \RESET
O4 - HKLM\..\Run: [HP Software Update] "G:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "G:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LVCOMSX] "G:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] G:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [avast!] G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "G:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "G:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LDM] G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: DeliveryManager.lnk = G:\Documents and Settings\isabelle\Application Data\Delivery\DeliveryManager.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = G:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = G:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O18 - Protocol: bw+0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A430F686-18D9-45BD-87EB-88473650223B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - G:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - G:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Service Google Update (gupdate1c995c7b9400682) (gupdate1c995c7b9400682) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - G:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - G:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - g:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - G:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - G:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - G:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - G:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

--
End of file - 23278 bytes

======Scheduled tasks folder======

G:\WINDOWS\tasks\AppleSoftwareUpdate.job
G:\WINDOWS\tasks\Google Software Updater.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
G:\WINDOWS\tasks\PCConfidential.job
G:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - G:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - G:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-24 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - G:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-07-24 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - G:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-07-24 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - G:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C}
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - G:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - G:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-24 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=G:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=G:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"NeroFilterCheck"=G:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"LogitechCommunicationsManager"=G:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe [2006-06-26 497200]
"LogitechQuickCamRibbon"=G:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2006-06-26 614960]
"LogitechSetup"=E:\Setup\Setup.exe /restart /l:fra []
"Omnipage"=G:\Program Files\ScanSoft\OmniPageSE\opware32.exe [2002-06-03 49152]
"zzzHPSETUP"=E:\Setup.exe \RESET []
"HP Software Update"=G:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=G:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"LVCOMSX"=G:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe [2006-06-26 243248]
"ArcSoft Connection Service"=G:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2007-06-06 64256]
"avast!"=G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
"Adobe Reader Speed Launcher"=G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"AppleSyncNotifier"=G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-11-07 111936]
"QuickTime Task"=G:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=G:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"Malwarebytes Anti-Malware (reboot)"=G:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=G:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-06-01 153136]
"LDM"=G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-06-23 36864]
"MsnMsgr"=G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Detector]
G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [2004-10-05 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
G:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2007-07-18 451872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\G:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LUMIX Simple Viewer.lnk]
G:\PROGRA~1\PANASO~1\LUMIXS~1\PHLEAU~1.EXE [2007-02-13 63696]

G:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - G:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Démarrage rapide du logiciel HP Image Zone.lnk - G:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
HP Digital Imaging Monitor.lnk - G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

G:\Documents and Settings\isabelle\Menu Démarrer\Programmes\Démarrage
DeliveryManager.lnk - G:\Documents and Settings\isabelle\Application Data\Delivery\DeliveryManager.EXE

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"G:\Program Files\Messenger\msmsgs.exe"="G:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"G:\Program Files\NewSoft\Presto! PageManager 6\NetGroup.exe"="G:\Program Files\NewSoft\Presto! PageManager 6\NetGroup.exe:*:Enabled:Groupe Réseau"
"G:\Program Files\eMule\emule.exe"="G:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"G:\Program Files\Bonjour\mDNSResponder.exe"="G:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"G:\Program Files\Firaxis Games\Sid Meier's Civilization 4 Demo\Civilization4.exe"="G:\Program Files\Firaxis Games\Sid Meier's Civilization 4 Demo\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4 Demo"
"G:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe"="G:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"G:\Program Files\Windows Live\Messenger\wlcsdk.exe"="G:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"G:\Program Files\Windows Live\Messenger\msnmsgr.exe"="G:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"G:\Program Files\iTunes\iTunes.exe"="G:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"G:\Program Files\Windows Live\Messenger\wlcsdk.exe"="G:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"G:\Program Files\Windows Live\Messenger\msnmsgr.exe"="G:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{852a260e-d35f-11dd-ae29-000c6ed93220}]
shell\AutoRun\command - G:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL game.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b66a5ed0-e60a-11dd-ae46-000c6ed93220}]
shell\AutoRun\command - H:\autorun.exe


======List of files/folders created in the last 1 months======

2009-09-25 20:50:26 ----D---- G:\Documents and Settings\isabelle\Application Data\Malwarebytes
2009-09-25 20:50:15 ----D---- G:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-09-25 20:50:14 ----D---- G:\Program Files\Malwarebytes' Anti-Malware
2009-09-25 20:00:23 ----D---- G:\Program Files\VS Revo Group
2009-09-25 18:36:36 ----D---- G:\rsit
2009-09-25 18:36:36 ----D---- G:\Program Files\trend micro
2009-09-22 23:02:33 ----D---- G:\Documents and Settings\All Users\Application Data\Winferno
2009-09-22 23:01:55 ----D---- G:\Documents and Settings\isabelle\Application Data\Titanium Gears
2009-09-22 23:00:29 ----D---- G:\Program Files\Free Offers from Freeze.com
2009-09-22 23:00:15 ----A---- G:\WINDOWS\system32\WINUTIL5.DLL
2009-09-22 22:59:57 ----D---- G:\Documents and Settings\isabelle\Application Data\Yahoo!
2009-09-22 22:59:56 ----D---- G:\Documents and Settings\isabelle\Application Data\PriceGong
2009-09-22 22:59:53 ----D---- G:\Program Files\Yahoo!
2009-09-22 22:52:46 ----D---- G:\Program Files\vghd
2009-09-22 22:52:45 ----D---- G:\Documents and Settings\isabelle\Application Data\vghd
2009-09-22 22:52:27 ----D---- G:\Program Files\TorrentSpeeder
2009-09-14 22:28:26 ----A---- G:\WINDOWS\system32\kbdkor.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbdjpn.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbd106.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbd103.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbd101c.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbd101b.dll
2009-09-09 09:01:35 ----HDC---- G:\WINDOWS\$NtUninstallKB956844$
2009-09-09 09:01:27 ----HDC---- G:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-09 09:01:01 ----HDC---- G:\WINDOWS\$NtUninstallKB971961$

======List of files/folders modified in the last 1 months======

2009-09-26 18:51:13 ----D---- G:\WINDOWS\Temp
2009-09-26 18:49:59 ----SD---- G:\WINDOWS\Tasks
2009-09-26 18:49:45 ----D---- G:\WINDOWS
2009-09-26 17:20:40 ----A---- G:\WINDOWS\SchedLgU.Txt
2009-09-26 10:02:17 ----D---- G:\Documents and Settings\All Users\Application Data\Google Updater
2009-09-25 20:52:57 ----D---- G:\Program Files\Everest Poker
2009-09-25 20:50:18 ----D---- G:\WINDOWS\system32\drivers
2009-09-25 20:50:14 ----RD---- G:\Program Files
2009-09-25 19:55:16 ----D---- G:\WINDOWS\system32
2009-09-25 19:54:44 ----A---- G:\WINDOWS\NeroDigital.ini
2009-09-23 19:24:32 ----D---- G:\Program Files\AVS4YOU
2009-09-23 19:24:13 ----D---- G:\Program Files\Fichiers communs\AVSMedia
2009-09-22 23:01:42 ----SHD---- G:\WINDOWS\Installer
2009-09-22 23:01:42 ----HD---- G:\Config.Msi
2009-09-15 00:57:24 ----D---- G:\WINDOWS\system32\CatRoot2
2009-09-14 22:28:32 ----RSHDC---- G:\WINDOWS\system32\dllcache
2009-09-14 22:28:30 ----RSD---- G:\WINDOWS\Fonts
2009-09-14 19:32:21 ----A---- G:\WINDOWS\PhotoSnapViewer.INI
2009-09-09 12:37:10 ----D---- G:\Program Files\Microsoft Silverlight
2009-09-09 09:01:39 ----HD---- G:\WINDOWS\inf
2009-09-09 09:01:39 ----A---- G:\WINDOWS\imsins.BAK
2009-09-09 09:01:34 ----HD---- G:\WINDOWS\$hf_mig$
2009-09-02 09:54:19 ----D---- G:\WINDOWS\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; G:\WINDOWS\system32\drivers\Aavmker4.sys [2009-08-17 26944]
R1 AmdK7;Pilote de processeur AMD K7; G:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-04 41600]
R1 aswSP;avast! Self Protection; G:\WINDOWS\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; G:\WINDOWS\system32\drivers\aswTdi.sys [2009-08-17 51376]
R2 aswFsBlk;aswFsBlk; G:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
R2 aswMon2;avast! Standard Shield Support; G:\WINDOWS\system32\drivers\aswMon2.sys [2009-08-17 94160]
R2 fssfltr;FssFltr; G:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 mdmxsdk;mdmxsdk; G:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R3 Afc;PPdus ASPI Shell; G:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 aswRdr;aswRdr; G:\WINDOWS\system32\drivers\aswRdr.sys [2009-08-17 23152]
R3 FilterService;UVC Filter Service; G:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2006-06-23 20272]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; G:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HSF_DP;HSF_DP; G:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; G:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 LVcKap;Logitech AEC Driver; G:\WINDOWS\system32\DRIVERS\LVcKap.sys [2006-06-26 1587632]
R3 LVMVDrv;Logitech Machine Vision Engine Loader; G:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2006-06-26 1952816]
R3 lvpopflt;Logitech POP Suppression Filter; G:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2006-06-23 1413424]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; G:\WINDOWS\system32\drivers\LVPr2Mon.sys [2006-06-26 23472]
R3 lvselsus;Logitech Selective Suspend Filter; G:\WINDOWS\system32\DRIVERS\lvselsus.sys [2006-06-23 55984]
R3 LVUSBSta;Logitech USB Monitor Filter; G:\WINDOWS\system32\drivers\lvusbsta.sys [2006-06-23 38960]
R3 LVUVC;Logitech QuickCam Pro 5000(UVC); G:\WINDOWS\system32\DRIVERS\lvuvc.sys [2006-06-23 961072]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; G:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; G:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 nv;nv; G:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; G:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; G:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-09-23 80896]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; G:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
R3 usbaudio;Pilote USB audio (WDM); G:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Pilote parent générique USB Microsoft; G:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; G:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; G:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; G:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 winachsf;winachsf; G:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S1 kbdhid;Pilote HID de clavier; G:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 CCDECODE;Décodeur sous-titre fermé; G:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 HidUsb;Pilote de classe HID Microsoft; G:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; G:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; G:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; G:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; G:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;Détrameur décalage BDA; G:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; G:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBAAPL;Apple Mobile USB Driver; G:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-26 36864]
S3 usbprint;Classe d'imprimantes USB Microsoft; G:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; G:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; G:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;Périphérique vidéo USB (WDM); G:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 WSTCODEC;Codec Teletext standard; G:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; G:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor;Adobe Active File Monitor; G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-20 98304]
R2 Apple Mobile Device;Apple Mobile Device; G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 avast! Antivirus;avast! Antivirus; G:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 Bonjour Service;Service Bonjour; G:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; G:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-13 44032]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; G:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-07-25 79136]
R2 LVPrcSrv;Logitech Process Monitor; g:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2006-06-26 99888]
R2 NVSvc;NVIDIA Display Driver Service; G:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect; G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-20 118784]
R2 SeaPort;SeaPort; G:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 UMWdf;Windows User Mode Driver Framework; G:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
R3 avast! Web Scanner;avast! Web Scanner; G:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
R3 iPod Service;Service de l’iPod; G:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
R3 NMIndexingService;NMIndexingService; G:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S2 gupdate1c995c7b9400682;Service Google Update (gupdate1c995c7b9400682); G:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-23 133104]
S2 gusvc;Google Software Updater; G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S2 LVSrvLauncher;LVSrvLauncher; G:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe [2006-06-26 91696]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; G:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 aspnet_state;ASP.NET State Service; G:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; G:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; g:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Contrôle parental; G:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 IDriverT;InstallDriver Table Manager; G:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; g:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; G:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 ose;Office Source Engine; G:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-29 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; g:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

olam31
 Posted on 26/09/2009 at 21:10
Petit astucien

And here is the latest avast report

just in case...

See you

olam31
 Posted on 26/09/2009 at 21:50
Petit astucien

Sorry, I'm a bit tired...

Here is the latest avast report I have

16/05/2009 14:45
Analyse de tous les lecteurs locaux

Nombre de dossiers parcourus : 9992
Nombre de fichiers analysés : 154709
Nombre de fichiers infectés : 0

----------------------------------------
31/05/2009 20:09
Analyse de tous les lecteurs locaux

Fichier G:\WINDOWS\system32\config\30918676.Evt est infecté par Win32:Agent-AABX [Rtk], Supprimé
Fichier G:\WINDOWS\system32\config\32558534.Evt est infecté par Win32:Agent-AABX [Rtk], Supprimé
Fichier G:\WINDOWS\system32\drivers\rdpwd.sys est infecté par Win32:Agent-AABX [Rtk], Supprimé
Fichier G:\WINDOWS\system32\drivers\sfloppy.sys est infecté par Win32:Agent-AABX [Rtk], Supprimé
Fichier G:\WINDOWS\system32\drivers\tdpipe.sys est infecté par Win32:Agent-AABX [Rtk], Supprimé
Fichier G:\WINDOWS\system32\drivers\tdtcp.sys est infecté par Win32:Agent-AABX [Rtk], Supprimé
Nombre de dossiers parcourus : 10049
Nombre de fichiers analysés : 155389
Nombre de fichiers infectés : 6

nardino
 Posted on 26/09/2009 at 21:56
  Grand Maître astucien

Good evening.

Download OTM by OldTimer:
http://oldtimer.geekstogo.com/OTM.exe

Save it to the Desktop.
Double-click OTM.exe to launch the tool.
Note:
Under Vista, right-click the file and choose Run as administrator.
Copy all the quoted lines below to the clipboard with CTRL+C.

:files
G:\Program Files\Playalot Games
G:\Program Files\Free Offers from Freeze.com
G:\Program Files\Winferno
G:\Program Files\PriceGong
G:\Program Files\vghd

:commands
[emptytemp]
[reboot]

In OTM.exe, place the cursor in the "Paste List Of Files/Folders to Move" window and press CTRL+V to paste the contents of the clipboard.
Click the MoveIt! button, the red one.

Close the tool.
Post the contents of the report C:\_OTM\MovedFiles\********_******.log

The * stand for Month/Day/Year_Hour/Minutes/Seconds

Launch Hijackthis with Do a system scan only, with no other application running.
Check the following lines:

All the 018 entries (useless but not illegitimate)

Click Fix checked and close the program.

Run a scan with Malwarebytes' Anti-Malware and post the report.

Download CureIt Dr.Web (launch.exe)
ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe

It requires no installation.
Launch it.
It will ask you to update and, once that is done, will start a quick scan.
When all of that is done, choose the selective scan and tick at least C.
At the end of the scan, put everything in quarantine and post the report.

See you
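
As an added example (not part of the post above, and not code from HijackThis or RSIT), here is one way to sort a HijackThis log into its section codes and flag two things worth a first look when reviewing it: processes running out of temp or cache folders, and entries whose target file is missing. The sample log is constructed, and the function names and both heuristics are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample in the HijackThis v2.0.2 layout seen in this thread;
# paths, names and CLSIDs are placeholders, not taken from a real machine.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:06:39, on 27/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ExampleAV\avservice.exe
C:\DOCUME~1\user\LOCALS~1\Temp\ab12345\sample1.exe
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\ABCD1234\tool[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.example.com/
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - (no file)
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000002} - C:\Program Files\Example\helper.dll
O4 - HKLM\..\Run: [ExampleTray] "C:\Program Files\Example\tray.exe" /hide
O18 - Protocol: exampleproto - {00000000-0000-0000-0000-000000000003} - C:\Program Files\Example\proto.dll
O23 - Service: Example Scheduler - Unknown owner - C:\Program Files\Example\sched.exe (file missing)

--
End of file - 1234 bytes
"""

# A log entry starts with a section code such as R0, O2, O4, O18 or O23.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# Heuristic (assumption): executables living under a Temp or browser cache
# folder deserve a closer look; this is a triage hint, not a verdict.
TEMP_RE = re.compile(r"\\(?:temp|temporary internet files)\\", re.IGNORECASE)
# HijackThis marks dangling references with "(no file)" or "(file missing)".
MISSING_RE = re.compile(r"\((?:no file|file missing)\)", re.IGNORECASE)


def parse_hijackthis(text):
    """Split a log into the running-process list and entries grouped by code."""
    processes, entries = [], defaultdict(list)
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        if in_processes:
            if line and not ENTRY_RE.match(line):
                processes.append(line)
                continue
            in_processes = False  # a blank line or the first entry ends the list
        match = ENTRY_RE.match(line)
        if match:
            entries[match.group(1)].append(line)
    return {"processes": processes, "entries": dict(entries)}


def triage(parsed):
    """Return (reason, line) pairs for items that merit manual review."""
    findings = []
    for proc in parsed["processes"]:
        if TEMP_RE.search(proc):
            findings.append(("process in temp/cache folder", proc))
    for lines in parsed["entries"].values():
        for line in lines:
            if MISSING_RE.search(line):
                findings.append(("target file missing", line))
    return findings


def select(parsed, code):
    """All entries of one section, e.g. every O18 line."""
    return parsed["entries"].get(code.upper(), [])


if __name__ == "__main__":
    parsed = parse_hijackthis(SAMPLE_LOG)
    for reason, line in triage(parsed):
        print(f"[{reason}] {line}")
    for line in select(parsed, "O18"):
        print(f"[selected O18] {line}")
```

A flagged line is only a prompt to check the file itself: the analysis tool downloaded through the browser also runs from the cache folder, as the second flagged process in the sample shows.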

olam31
 Posted on 26/09/2009 at 22:35
Petit astucien

Good evening

here is the OTM report

All processes killed
========== FILES ==========
File/Folder G:\Program Files\Playalot Games not found.
G:\Program Files\Free Offers from Freeze.com moved successfully.
File/Folder G:\Program Files\Winferno not found.
File/Folder G:\Program Files\PriceGong not found.
G:\Program Files\vghd moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: isabelle
File delete failed. G:\Documents and Settings\isabelle\Local Settings\Temp\IadHide5.dll scheduled to be deleted on reboot.
->Temp folder emptied: 300843071 bytes
->Temporary Internet Files folder emptied: 59158976 bytes
->Apple Safari cache emptied: 1665148 bytes

User: LocalService
File delete failed. G:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. G:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. G:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
->Temp folder emptied: 65716 bytes
File delete failed. G:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 3421489 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. G:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 833642 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114937 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
File delete failed. G:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. G:\WINDOWS\temp\Perflib_Perfdata_5e4.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 88648369 bytes
RecycleBin emptied: 735062016 bytes

Total Files Cleaned = 1136,64 mb


OTM by OldTimer - Version 3.0.0.6 log created on 09262009_222905

Files moved on Reboot...
DllUnregisterServer procedure not found in G:\Documents and Settings\isabelle\Local Settings\Temp\IadHide5.dll
G:\Documents and Settings\isabelle\Local Settings\Temp\IadHide5.dll NOT unregistered.
G:\Documents and Settings\isabelle\Local Settings\Temp\IadHide5.dll moved successfully.
File move failed. G:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File G:\WINDOWS\temp\Perflib_Perfdata_5e4.dat not found!

Registry entries deleted on Reboot...

I'll carry on following the rest of your instructions...

See you soon for the next part

nardino
 Posted on 26/09/2009 at 22:59
  Grand Maître astucien

Good evening,

Reboot and carry on

See you

olam31
 Posted on 27/09/2009 at 08:01
Petit astucien

Hello

here is the malware report

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2860
Windows 5.1.2600 Service Pack 2

27/09/2009 08:00:59
mbam-log-2009-09-27 (08-00-59).txt

Type de recherche: Examen complet (C:\|D:\|G:\|H:\|I:\|)
Eléments examinés: 254601
Temps écoulé: 1 hour(s), 34 minute(s), 42 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

nardino
 Posted on 27/09/2009 at 09:01
  Grand Maître astucien

Hello.

The DrWeb scan still remains.

And then post a new Hijackthis report

See you

olam31
 Posted on 27/09/2009 at 20:08
Petit astucien

Good evening

That's it, dr web has finished; it found no virus and did not produce a report.

Here is the HIjack report

Logfile of random's system information tool 1.06 (written by random/random)
Run by isabelle at 2009-09-27 20:06:27
Microsoft Windows XP Professionnel Service Pack 2
System drive G: has 113 GB (80%) free of 140 GB
Total RAM: 1279 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:06:39, on 27/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
G:\Program Files\Alwil Software\Avast4\ashServ.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\system32\spoolsv.exe
g:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
G:\Program Files\Bonjour\mDNSResponder.exe
G:\WINDOWS\system32\CTsvcCDA.EXE
G:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
G:\WINDOWS\system32\nvsvc32.exe
G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
G:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
G:\WINDOWS\system32\RUNDLL32.EXE
G:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
G:\Program Files\Logitech\QuickCam10\QuickCam10.exe
G:\Program Files\ScanSoft\OmniPageSE\opware32.exe
G:\Program Files\HP\HP Software Update\HPWuSchd2.exe
G:\Program Files\HP\hpcoretech\hpcmpmgr.exe
G:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
G:\Program Files\iTunes\iTunesHelper.exe
G:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
G:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
G:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
G:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
G:\Documents and Settings\isabelle\Application Data\Delivery\DeliveryManager.EXE
G:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
G:\Program Files\iPod\bin\iPodService.exe
G:\Program Files\Logitech\QuickCam10\COCIManager.exe
G:\WINDOWS\system32\wuauclt.exe
G:\DOCUME~1\isabelle\LOCALS~1\Temp\dc12486971\bk43z7.exe
G:\DOCUME~1\isabelle\LOCALS~1\Temp\dc12486971\43p6pXP.exe
G:\Program Files\Internet Explorer\IEXPLORE.EXE
G:\Program Files\Windows Live\Toolbar\wltuser.exe
G:\Documents and Settings\isabelle\Local Settings\Temporary Internet Files\Content.IE5\4FMH45OP\RSIT[1].exe
G:\Program Files\trend micro\HijackThis\isabelle.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - G:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - G:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - G:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - G:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - G:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] G:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "G:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "G:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LogitechSetup] E:\Setup\Setup.exe /restart /l:fra
O4 - HKLM\..\Run: [Omnipage] G:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [zzzHPSETUP] E:\Setup.exe \RESET
O4 - HKLM\..\Run: [HP Software Update] "G:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "G:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LVCOMSX] "G:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] G:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [avast!] G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "G:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "G:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LDM] G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: DeliveryManager.lnk = G:\Documents and Settings\isabelle\Application Data\Delivery\DeliveryManager.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = G:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = G:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - G:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - G:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Service Google Update (gupdate1c995c7b9400682) (gupdate1c995c7b9400682) - Google Inc. - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - G:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - G:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - g:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - G:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - G:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - G:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - G:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - G:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

--
End of file - 11437 bytes

======Scheduled tasks folder======

G:\WINDOWS\tasks\AppleSoftwareUpdate.job
G:\WINDOWS\tasks\Google Software Updater.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
G:\WINDOWS\tasks\PCConfidential.job
G:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - G:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - G:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-24 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - G:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-07-24 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - G:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-07-24 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - G:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C}
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - G:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - G:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-24 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=G:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=G:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"NeroFilterCheck"=G:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"LogitechCommunicationsManager"=G:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe [2006-06-26 497200]
"LogitechQuickCamRibbon"=G:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2006-06-26 614960]
"LogitechSetup"=E:\Setup\Setup.exe /restart /l:fra []
"Omnipage"=G:\Program Files\ScanSoft\OmniPageSE\opware32.exe [2002-06-03 49152]
"zzzHPSETUP"=E:\Setup.exe \RESET []
"HP Software Update"=G:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=G:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"LVCOMSX"=G:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe [2006-06-26 243248]
"ArcSoft Connection Service"=G:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2007-06-06 64256]
"avast!"=G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
"Adobe Reader Speed Launcher"=G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"AppleSyncNotifier"=G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-11-07 111936]
"QuickTime Task"=G:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=G:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"Malwarebytes Anti-Malware (reboot)"=G:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=G:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-06-01 153136]
"LDM"=G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-06-23 36864]
"MsnMsgr"=G:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Detector]
G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [2004-10-05 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
G:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2007-07-18 451872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\G:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LUMIX Simple Viewer.lnk]
G:\PROGRA~1\PANASO~1\LUMIXS~1\PHLEAU~1.EXE [2007-02-13 63696]

G:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - G:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
Démarrage rapide du logiciel HP Image Zone.lnk - G:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
HP Digital Imaging Monitor.lnk - G:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

G:\Documents and Settings\isabelle\Menu Démarrer\Programmes\Démarrage
DeliveryManager.lnk - G:\Documents and Settings\isabelle\Application Data\Delivery\DeliveryManager.EXE

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"G:\Program Files\Messenger\msmsgs.exe"="G:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"G:\Program Files\NewSoft\Presto! PageManager 6\NetGroup.exe"="G:\Program Files\NewSoft\Presto! PageManager 6\NetGroup.exe:*:Enabled:Groupe Réseau"
"G:\Program Files\eMule\emule.exe"="G:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"G:\Program Files\Bonjour\mDNSResponder.exe"="G:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"G:\Program Files\Firaxis Games\Sid Meier's Civilization 4 Demo\Civilization4.exe"="G:\Program Files\Firaxis Games\Sid Meier's Civilization 4 Demo\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4 Demo"
"G:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe"="G:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"G:\Program Files\Windows Live\Messenger\wlcsdk.exe"="G:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"G:\Program Files\Windows Live\Messenger\msnmsgr.exe"="G:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"G:\Program Files\iTunes\iTunes.exe"="G:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"G:\Program Files\Windows Live\Messenger\wlcsdk.exe"="G:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="G:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"G:\Program Files\Windows Live\Messenger\msnmsgr.exe"="G:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{852a260e-d35f-11dd-ae29-000c6ed93220}]
shell\AutoRun\command - G:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL game.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b66a5ed0-e60a-11dd-ae46-000c6ed93220}]
shell\AutoRun\command - H:\autorun.exe


======List of files/folders created in the last 1 months======

2009-09-26 22:29:05 ----D---- G:\_OTM
2009-09-25 20:50:26 ----D---- G:\Documents and Settings\isabelle\Application Data\Malwarebytes
2009-09-25 20:50:15 ----D---- G:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-09-25 20:50:14 ----D---- G:\Program Files\Malwarebytes' Anti-Malware
2009-09-25 20:00:23 ----D---- G:\Program Files\VS Revo Group
2009-09-25 18:36:36 ----D---- G:\rsit
2009-09-25 18:36:36 ----D---- G:\Program Files\trend micro
2009-09-22 23:02:33 ----D---- G:\Documents and Settings\All Users\Application Data\Winferno
2009-09-22 23:01:55 ----D---- G:\Documents and Settings\isabelle\Application Data\Titanium Gears
2009-09-22 23:00:15 ----A---- G:\WINDOWS\system32\WINUTIL5.DLL
2009-09-22 22:59:57 ----D---- G:\Documents and Settings\isabelle\Application Data\Yahoo!
2009-09-22 22:59:56 ----D---- G:\Documents and Settings\isabelle\Application Data\PriceGong
2009-09-22 22:59:53 ----D---- G:\Program Files\Yahoo!
2009-09-22 22:52:45 ----D---- G:\Documents and Settings\isabelle\Application Data\vghd
2009-09-22 22:52:27 ----D---- G:\Program Files\TorrentSpeeder
2009-09-14 22:28:26 ----A---- G:\WINDOWS\system32\kbdkor.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbdjpn.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbd106.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbd103.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbd101c.dll
2009-09-14 22:28:25 ----A---- G:\WINDOWS\system32\kbd101b.dll
2009-09-09 09:01:35 ----HDC---- G:\WINDOWS\$NtUninstallKB956844$
2009-09-09 09:01:27 ----HDC---- G:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-09 09:01:01 ----HDC---- G:\WINDOWS\$NtUninstallKB971961$

======List of files/folders modified in the last 1 months======

2009-09-27 18:38:45 ----D---- G:\WINDOWS\Temp
2009-09-27 17:39:17 ----D---- G:\Program Files\Everest Poker
2009-09-27 14:49:13 ----SD---- G:\WINDOWS\Tasks
2009-09-27 11:03:02 ----D---- G:\Documents and Settings\All Users\Application Data\Google Updater
2009-09-26 22:32:46 ----D---- G:\WINDOWS
2009-09-26 22:31:14 ----A---- G:\WINDOWS\SchedLgU.Txt
2009-09-26 22:30:48 ----D---- G:\WINDOWS\system32
2009-09-26 22:29:08 ----RD---- G:\Program Files
2009-09-25 20:50:18 ----D---- G:\WINDOWS\system32\drivers
2009-09-25 19:54:44 ----A---- G:\WINDOWS\NeroDigital.ini
2009-09-23 19:24:32 ----D---- G:\Program Files\AVS4YOU
2009-09-23 19:24:13 ----D---- G:\Program Files\Fichiers communs\AVSMedia
2009-09-22 23:01:42 ----SHD---- G:\WINDOWS\Installer
2009-09-22 23:01:42 ----HD---- G:\Config.Msi
2009-09-15 00:57:24 ----D---- G:\WINDOWS\system32\CatRoot2
2009-09-14 22:28:32 ----RSHDC---- G:\WINDOWS\system32\dllcache
2009-09-14 22:28:30 ----RSD---- G:\WINDOWS\Fonts
2009-09-14 19:32:21 ----A---- G:\WINDOWS\PhotoSnapViewer.INI
2009-09-09 12:37:10 ----D---- G:\Program Files\Microsoft Silverlight
2009-09-09 09:01:39 ----HD---- G:\WINDOWS\inf
2009-09-09 09:01:39 ----A---- G:\WINDOWS\imsins.BAK
2009-09-09 09:01:34 ----HD---- G:\WINDOWS\$hf_mig$
2009-09-02 09:54:19 ----D---- G:\WINDOWS\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; G:\WINDOWS\system32\drivers\Aavmker4.sys [2009-08-17 26944]
R1 AmdK7;Pilote de processeur AMD K7; G:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-04 41600]
R1 aswSP;avast! Self Protection; G:\WINDOWS\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; G:\WINDOWS\system32\drivers\aswTdi.sys [2009-08-17 51376]
R2 aswFsBlk;aswFsBlk; G:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
R2 aswMon2;avast! Standard Shield Support; G:\WINDOWS\system32\drivers\aswMon2.sys [2009-08-17 94160]
R2 fssfltr;FssFltr; G:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 mdmxsdk;mdmxsdk; G:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R3 Afc;PPdus ASPI Shell; G:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 aswRdr;aswRdr; G:\WINDOWS\system32\drivers\aswRdr.sys [2009-08-17 23152]
R3 FilterService;UVC Filter Service; G:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2006-06-23 20272]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; G:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HSF_DP;HSF_DP; G:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; G:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 LVcKap;Logitech AEC Driver; G:\WINDOWS\system32\DRIVERS\LVcKap.sys [2006-06-26 1587632]
R3 LVMVDrv;Logitech Machine Vision Engine Loader; G:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2006-06-26 1952816]
R3 lvpopflt;Logitech POP Suppression Filter; G:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2006-06-23 1413424]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; G:\WINDOWS\system32\drivers\LVPr2Mon.sys [2006-06-26 23472]
R3 lvselsus;Logitech Selective Suspend Filter; G:\WINDOWS\system32\DRIVERS\lvselsus.sys [2006-06-23 55984]
R3 LVUSBSta;Logitech USB Monitor Filter; G:\WINDOWS\system32\drivers\lvusbsta.sys [2006-06-23 38960]
R3 LVUVC;Logitech QuickCam Pro 5000(UVC); G:\WINDOWS\system32\DRIVERS\lvuvc.sys [2006-06-23 961072]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; G:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; G:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 nv;nv; G:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; G:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; G:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-09-23 80896]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; G:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
R3 usbaudio;Pilote USB audio (WDM); G:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Pilote parent générique USB Microsoft; G:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; G:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; G:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; G:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 winachsf;winachsf; G:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S1 kbdhid;Pilote HID de clavier; G:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 CCDECODE;Décodeur sous-titre fermé; G:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 HidUsb;Pilote de classe HID Microsoft; G:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; G:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; G:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; G:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; G:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;Détrameur décalage BDA; G:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; G:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBAAPL;Apple Mobile USB Driver; G:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-26 36864]
S3 usbprint;Classe d'imprimantes USB Microsoft; G:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; G:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; G:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;Périphérique vidéo USB (WDM); G:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 WSTCODEC;Codec Teletext standard; G:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; G:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor;Adobe Active File Monitor; G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-20 98304]
R2 Apple Mobile Device;Apple Mobile Device; G:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 avast! Antivirus;avast! Antivirus; G:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 Bonjour Service;Service Bonjour; G:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; G:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-13 44032]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; G:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-07-25 79136]
R2 LVPrcSrv;Logitech Process Monitor; g:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2006-06-26 99888]
R2 NVSvc;NVIDIA Display Driver Service; G:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect; G:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-20 118784]
R2 SeaPort;SeaPort; G:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 UMWdf;Windows User Mode Driver Framework; G:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
R3 avast! Web Scanner;avast! Web Scanner; G:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
R3 iPod Service;Service de l’iPod; G:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
R3 NMIndexingService;NMIndexingService; G:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S2 gupdate1c995c7b9400682;Service Google Update (gupdate1c995c7b9400682); G:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-23 133104]
S2 gusvc;Google Software Updater; G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S2 LVSrvLauncher;LVSrvLauncher; G:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe [2006-06-26 91696]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; G:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 aspnet_state;ASP.NET State Service; G:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; G:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; g:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Contrôle parental; G:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 IDriverT;InstallDriver Table Manager; G:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; g:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; G:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 ose;Office Source Engine; G:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-29 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; g:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

@+

nardino
Posted on 27/09/2009 at 23:59
  Grand Maître astucien

Good evening.

Can you post RSIT's Info.txt report?

It should be in G:\Rsit

@+

olam31
Posted on 28/09/2009 at 01:38
Petit astucien

Good evening,

Here is the info.txt report from RSIT:

info.txt logfile of random's system information tool 1.06 2009-09-25 18:36:51

======Uninstall list======

-->G:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->G:\WINDOWS\IsUninst.exe -fG:\WINDOWS\system32\UninstIPP.isu
-->G:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->G:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->G:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->G:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->G:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{5B782FFA-6A95-480D-8E0A-0954A14693D6}
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x40c
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x40c /remove
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x40c
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x40c /remove
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x40c
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x40c /remove
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{836612F0-1571-4C65-A4B7-58A39AA578EE}\setup.exe" -l0x40c
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{836612F0-1571-4C65-A4B7-58A39AA578EE}\setup.exe" -l0x40c /remove
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{9AB14DF5-3B04-4E3B-9969-695DBA7F2008}\setup.exe" -l0x40c
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{9AB14DF5-3B04-4E3B-9969-695DBA7F2008}\setup.exe" -l0x40c /remove
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x40c
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x40c /remove
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{D524239C-FD5C-4183-A49C-7930915A9C0A}\setup.exe" -l0x40c
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{D524239C-FD5C-4183-A49C-7930915A9C0A}\setup.exe" -l0x40c /remove
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{DD2D9012-E5A1-4717-8EE9-8DB3F36E2F8C}\setup.exe" -l0x40c
-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{DD2D9012-E5A1-4717-8EE9-8DB3F36E2F8C}\setup.exe" -l0x40c /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 G:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 5.0-->G:\WINDOWS\ISUN040C.EXE -f"G:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"G:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe AIR-->g:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player 10 ActiveX-->G:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop Elements 3.0-->MsiExec.exe /I{851C67EF-068A-4060-9EF5-2E3DDCD68382}
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Architecte 3D Silver Advanced-->G:\WINDOWS\system32\UNWISE.EXE G:\WINDOWS\system32\INSTALL.LOG
ArcSoft Software Suite-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{497A1721-088F-41EF-8876-B43C9DA5528B}\setup.exe" -l0x40c
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
avast! Antivirus-->G:\Program Files\Alwil Software\Avast4\aswRunDll.exe "G:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Barre d'outils MSN-->G:\Program Files\MSN Toolbar\01.01.2607.0\fr\mtbs.exe c
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Canon i865-->G:\WINDOWS\system32\CNMCP5m.exe "-PRINTERNAMECanon i865" "-HELPERDLLG:\BJPrinter\CNMWINDOWS\Canon i865 Installer\Inst2\cnmis.dll" "-RCDLLG:\BJPrinter\CNMWINDOWS\Canon i865 Installer\Inst2\cnmi040c.dll"
CanoScan Toolbox 4.1-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{BCE46757-7674-4416-BEDB-68205A60409E}\setup.exe" -l0x40c anything
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Correctif pour Windows XP (KB952287)-->"G:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"G:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"G:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Correctif Windows XP - KB873339-->G:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->G:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->G:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->G:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472-->G:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->G:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"G:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->G:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Creative Jukebox Driver-->G:\WINDOWS\UNWISE.EXE G:\WINDOWS\JB3DRV.LOG
Creative MediaSource-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}\setup.exe" -l0x40c /remove
Creative System Information-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove
Creative Zen Micro-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{D944236D-7992-41D6-8257-930B5832F1CC}\SETUP.EXE" -l0x40c /remove
Delivery-->"G:\Documents and Settings\isabelle\Application Data\Delivery\uninst.exe"
DVD Shrink 3.2-->"G:\Program Files\DVD Shrink\unins000.exe"
eMule-->"H:\eMule\Uninstall.exe"
Everest Poker (Remove Only)-->G:\Program Files\Everest Poker\cstart.exe /uninstall
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Google Toolbar for Internet Explorer-->"G:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466}
HijackThis 2.0.2-->"G:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->G:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->G:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Appareils photos Photosmart 4.0-->G:\Program Files\HP\Digital Imaging\{4C04DF1B-6A39-4299-9DD1-1FA60000266E}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Image Zone 4.0-->G:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Software Update-->MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
iDeal Designer-->MsiExec.exe /X{AA57A52B-54DA-43C2-8C0D-8C65C829BD57}
IKEA Home Planner-->MsiExec.exe /I{AFA9D219-A7FD-4240-8793-E5C7C9D715F4}
Installation Windows Live-->G:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Les Sims 2-->G:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Logitech Audio Echo Cancellation Component-->MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech Desktop Messenger-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech QuickCam-->MsiExec.exe /X{EC42ED6A-751D-45C0-A4F9-8CD00E4690FC}
Logitech Video Enumerator-->MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
LUMIX Simple Viewer-->G:\Program Files\InstallShield Installation Information\{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}\setup.exe -runfromtemp -l0x040c -removeonly
Manual CanoScan 5000,5000F,8000F-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{D9261CAB-3E1D-423C-9DD6-2001056DA292}\setup.exe" -l0x40c
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"G:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "G:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->G:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)-->"G:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"G:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"G:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"G:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"G:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"G:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782)-->"G:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"G:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"G:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"G:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"G:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"G:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"G:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"G:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"G:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"G:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"G:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"G:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"G:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"G:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"G:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"G:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"G:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"G:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"G:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"G:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118)-->"G:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439)-->"G:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213)-->"G:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"G:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"G:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685)-->"G:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819)-->"G:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"G:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414)-->"G:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"G:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"G:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->G:\WINDOWS\system32\MacroMed\Flash\genuinst.exe G:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB923980)-->"G:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270)-->"G:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"G:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667)-->"G:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902)-->"G:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255)-->"G:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436)-->"G:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779)-->"G:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802)-->"G:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255)-->"G:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843)-->"G:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123)-->"G:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178)-->"G:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261)-->"G:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784)-->"G:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168)-->"G:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729)-->"G:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839)-->"G:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840)-->"G:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021)-->"G:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937894)-->"G:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938127)-->"G:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"G:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202)-->"G:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"G:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644)-->"G:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693)-->"G:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055)-->"G:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460)-->"G:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485)-->"G:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944338)-->"G:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653)-->"G:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553)-->"G:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026)-->"G:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"G:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590)-->"G:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749)-->"G:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"G:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"G:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"G:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"G:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"G:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"G:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"G:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"G:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"G:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"G:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"G:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"G:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"G:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"G:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"G:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"G:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"G:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"G:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"G:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"G:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"G:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"G:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"G:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"G:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"G:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958470)-->"G:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"G:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"G:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"G:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"G:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"G:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"G:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"G:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"G:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"G:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"G:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"G:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"G:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"G:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"G:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969897)-->"G:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"G:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"G:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971032)-->"G:\WINDOWS\$NtUninstallKB971032$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"G:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"G:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"G:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971961)-->"G:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972260)-->"G:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"G:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"G:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"G:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"G:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391)-->"G:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"G:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485)-->"G:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB908531)-->"G:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"G:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911280)-->"G:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595)-->"G:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872)-->"G:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582)-->"G:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB925720)-->"G:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891)-->"G:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916)-->"G:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828)-->"G:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"G:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"G:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"G:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"G:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"G:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"G:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
MobileMe Control Panel-->MsiExec.exe /I{924EB80F-C2BB-4B9F-8412-88BBA937393F}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Nero 7 Essentials-->MsiExec.exe /X{1A6A6531-08FC-47AD-BAC4-C41497E71036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Neuf - Kit de connexion-->G:\Program Files\Neuf\Kit\uninstall.exe
NVIDIA Drivers-->G:\WINDOWS\system32\nvudisp.exe UninstallGUI
OmniPage SE-->MsiExec.exe /I{6249C22D-E6A8-407B-BA8B-40298848ED94}
Outil de mise à jour Google-->"G:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PHOTOfunSTUDIO -viewer--->G:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\Setup.exe -runfromtemp -l0x040cPackage -removeonly
Pilotes NVIDIA nForce pour Windows 2000/XP-->rundll32.exe G:\WINDOWS\system32\NVNFINST.DLL,NvUninstallCrush
PowerArchiver 2006 v9.50 French-->"G:\Program Files\PowerArchiver\unins000.exe"
PowerDVD-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Presto! PageManager 6-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{580183A6-FF92-11D5-9294-0050BA073EEC}\setup.exe" -l0x40c anything
PriceGong 1.5.0-->G:\Program Files\PriceGong\uninst.exe
Programme de gestion Camera de Logitech®-->"G:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sid Meier's Civilization 4-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x40c -removeonly
SILKYPIX Developer Studio 2.1 SE-->G:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{5B25274F-088A-4A24-AE12-4AEE9278025A} /l1036 UNINSTALL
StairDesigner 6.05a-->G:\Program Files\Boole & Partners\StairDesigner 6\Uninstall.exe
Sweet Home 3D version 1.6-->"G:\Program Files\Sweet Home 3D\unins000.exe"
Ulead VideoStudio 7 SE DVD-->RunDll32 G:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "G:\Program Files\InstallShield Installation Information\{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}\setup.exe" -l0x40c
UMVPLStandalone-->MsiExec.exe /X{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->G:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VideoLAN VLC media player 0.8.6d-->G:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Imaging Component-->"G:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"G:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format Runtime-->"G:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

======Security center information======

AV: avast! antivirus 4.8.1351 [VPS 090924-0]

======System event log======

Computer Name: UNICORNI-0B24B2
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Uniprocessor Free.

Record Number: 36054
Source Name: EventLog
Time Written: 20090903145005.000000+120
Event Type: Informations
User:

Computer Name: UNICORNI-0B24B2
Event Code: 6006
Message: Le service d'Enregistrement d'événement a été arrêté.

Record Number: 36053
Source Name: EventLog
Time Written: 20090903094022.000000+120
Event Type: Informations
User:

Computer Name: UNICORNI-0B24B2
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : arrêté.

Record Number: 36052
Source Name: Service Control Manager
Time Written: 20090903084848.000000+120
Event Type: Informations
User:

Computer Name: UNICORNI-0B24B2
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : en cours d'exécution.

Record Number: 36051
Source Name: Service Control Manager
Time Written: 20090903084748.000000+120
Event Type: Informations
User:

Computer Name: UNICORNI-0B24B2
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Google Software Updater.

Record Number: 36050
Source Name: Service Control Manager
Time Written: 20090903084748.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

=====Application event log=====

Computer Name: UNICORNI-0B24B2
Event Code: 1004
Message: L'utilisateur a accepté le CLUF.

Record Number: 4207
Source Name: WgaSetup
Time Written: 20090707075709.000000+120
Event Type: Informations
User:

Computer Name: UNICORNI-0B24B2
Event Code: 1002
Message: Starting interactive setup.

Record Number: 4206
Source Name: WgaSetup
Time Written: 20090707075709.000000+120
Event Type: Informations
User:

Computer Name: UNICORNI-0B24B2
Event Code: 1006
Message: Le CLUF a déjà été accepté.

Record Number: 4205
Source Name: WgaSetup
Time Written: 20090707075707.000000+120
Event Type: Informations
User:

Computer Name: UNICORNI-0B24B2
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur UNICORNI-0B24B2\isabelle alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.


Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.

Record Number: 4204
Source Name: Userenv
Time Written: 20090706233745.000000+120
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: UNICORNI-0B24B2
Event Code: 1002
Message: Application bloquée IEXPLORE.EXE, version 6.0.2900.2180, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Record Number: 4203
Source Name: Application Hang
Time Written: 20090706233157.000000+120
Event Type: erreur
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;G:\Program Files\Fichiers communs\Ulead Systems\MPEG;G:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;G:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=G:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

See you later

nardino
Posted on 28/09/2009 at 09:42
Grand Maître astucien

Hello,

There is still this program to remove:

G:\Program Files\PriceGong

There seems to be an uninst.exe file for that.

See you later

olam31
Posted on 28/09/2009 at 10:17
Petit astucien

Hello

I can't find the directory G:\Program Files\PriceGong

I thought I had removed this program at the very beginning, after your first message, precisely by using the uninst file...

See you later

nardino
Posted on 28/09/2009 at 10:26
Grand Maître astucien

Hello.

Delete the RSIT reports and run a new scan.

Post the new Info.txt report.

See you later
