Windows cannot find... (Topic resolved)
coceane007
Posted on 25/06/2010 @ 17:20
New member

Hello,

So, I have a small problem when my PC starts up. At startup, 2 messages appear on my desktop:

1st window: Windows cannot find: windows\system32\winsit.exe

2nd window: Windows cannot find: windows\inf\other.exe

I ran HijackThis; I don't know whether it can help you, but I am including the report anyway. If you can help me solve the problem that would be great; thanks in advance in any case.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:51:46, on 25/06/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\SYSTEM32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\SYSTEM32\Ati2evxx.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\aspimgr.exe
H:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
H:\WINDOWS\Explorer.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
H:\Program Files\Java\jre6\bin\jqs.exe
H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
H:\WINDOWS\system32\lxdicoms.exe
H:\Program Files\CyberLink\Shared Files\RichVideo.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\System32\vssvc.exe
H:\WINDOWS\system32\SearchIndexer.exe
H:\WINDOWS\System32\wbem\wmiapsrv.exe
H:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
H:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
H:\Program Files\Nero\Nero 7\InCD\InCD.exe
H:\Program Files\Orange\Systray\SystrayApp.exe
H:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
H:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
H:\Program Files\HP\hpcoretech\hpcmpmgr.exe
H:\WINDOWS\system32\hphmon06.exe
H:\WINDOWS\system32\rundll32.exe
H:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
H:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
H:\WINDOWS\Mixer.exe
H:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
H:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
H:\WINDOWS\system32\HPZipm12.exe
H:\Program Files\Multimedia Combo Set Driver\PS2USBKbdDrv.exe
H:\Program Files\Multimedia Combo Set Driver\MouseDrv.exe
H:\Program Files\WiFi Station pour Livebox\WiFiStationLB.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Anti virus a garder\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - H:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
F2 - REG:system.ini: Shell=Explorer.exe H:\WINDOWS\system32\WinSit.exe
F3 - REG:win.ini: load=H:\WINDOWS\inf\Other.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - H:\Program Files\AutocompletePro\AutocompletePro.dll (file missing)
O2 - BHO: ADC PlugIn - {149256D5-E103-4523-BB43-2CFB066839D6} - H:\Program Files\adc_w32.dll (file missing)
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - H:\Documents and Settings\Vibert\Bureau\jccatch.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - H:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - H:\Documents and Settings\Vibert\Bureau\getflash.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "H:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] "H:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [SecurDisc] "H:\Program Files\Nero\Nero 7\InCD\NBHGui.exe"
O4 - HKLM\..\Run: [InCD] "H:\Program Files\Nero\Nero 7\InCD\InCD.exe"
O4 - HKLM\..\Run: [WireLessMouse] H:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard] H:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "H:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] H:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [FaxCenterServer] "H:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] H:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [Flashget] H:\Documents and Settings\Vibert\Bureau\FlashGet.exe /min
O4 - HKLM\..\Run: [HPHUPD06] H:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] "H:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "H:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] H:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [lxdimon.exe] "H:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "H:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TkBellExe] "H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RemoteControl] "H:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "H:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKCU\..\Run: [MsnMsgr] "H:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [fxdkryutd] h:\documents and settings\vibert\local settings\application data\fxdkryutd.exe fxdkryutd
O4 - HKCU\..\Run: [OM_Monitor] H:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [swg] "H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] H:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WiFi Station pour Livebox.lnk = H:\Program Files\WiFi Station pour Livebox\WiFiStationLB.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - H:\Documents and Settings\Vibert\Bureau\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - H:\Documents and Settings\Vibert\Bureau\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://H:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - H:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll (file missing)
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\Documents and Settings\Vibert\Bureau\FlashGet.exe (file missing)
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\Documents and Settings\Vibert\Bureau\FlashGet.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} (CPlayFirstCookingDasControl Object) - http://jeuxenligne.orange.fr/orange2.0/games/channel--110167437/lc--fr/room--9162541b-57c7-4817-89cd-6c43e05d7c70/online/cooking_dash/fr/cookingdashweb.1.0.0.9.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} (CPlayFirstPiratePoppersControl Object) - file:///H:/Documents%20and%20Settings/Vibert/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/PiratePoppers.1.0.0.39.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203533282156
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203615507171
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/GameShell/online/fr/luxor/mjolauncher.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file:///H:/Documents%20and%20Settings/Vibert/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v6.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O18 - Protocol: bw+0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Boonty Games - Unknown owner - H:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - H:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - H:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - H:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - H:\WINDOWS\system32\lxdicoms.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - H:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - H:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 26900 bytes

nardino
Posted on 25/06/2010 at 17:23
Grand Master member

Hello,

There is an infection, by Navipromo.

Disable Spybot S&D's Tea-Timer.

Download Navilog by Il-Mafioso to your desktop, disabling your antivirus while you do so:
http://pagesperso-orange.fr/il.mafioso/Navifix/Navilog1.exe

Double-click Navilog1.exe.
At the main menu that follows, choose 1 and confirm with Enter.
Then choose 1 again when it is offered.
Wait for the message: *** Analyse Termine le ..... ***
Press a key as requested; Notepad will open.
Post it by copy and paste in your reply.
The report will be saved to C:\cleanavi.txt

Then post a new log.txt report from RSIT.

We will deal with the toolbars afterwards.

See you later

Edited by nardino on 25/06/2010 17:25
coceane007
Posted on 25/06/2010 at 17:45
New member

Here is the Navilog1 report:

Fix Navipromo version 4.0.9 commencé le 25/06/2010 17:39:58,64

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis H:\navilog1

Mise à jour le 21.06.2010 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Sempron(tm) Processor 3200+ )
BIOS : BIOS Date: 04/18/06 17:38:25 Ver: 08.00.12
USER : Vibert ( Administrator )
BOOT : Normal boot


D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (Local Disk) - NTFS - Total:232 Go (Free:70 Go)
I:\ (USB)


Recherche executée en mode normal


Aucune Infection Navipromo/Egdaccess trouvée

*** Scan terminé 25/06/2010 17:40:06,31 ***

Here is the one from RSIT's log.txt:

Logfile of random's system information tool 1.07 (written by random/random)
Run by Vibert at 2010-06-25 17:44:57
Microsoft Windows XP Édition familiale Service Pack 3
System drive H: has 72 GB (30%) free of 238 GB
Total RAM: 1407 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:45:37, on 25/06/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\SYSTEM32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\SYSTEM32\Ati2evxx.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\aspimgr.exe
H:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
H:\Program Files\Java\jre6\bin\jqs.exe
H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
H:\WINDOWS\system32\lxdicoms.exe
H:\WINDOWS\Explorer.exe
H:\Program Files\CyberLink\Shared Files\RichVideo.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\System32\vssvc.exe
H:\WINDOWS\system32\SearchIndexer.exe
H:\WINDOWS\System32\wbem\wmiapsrv.exe
H:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
H:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
H:\Program Files\Nero\Nero 7\InCD\InCD.exe
H:\Program Files\Orange\Systray\SystrayApp.exe
H:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
H:\Program Files\HP\hpcoretech\hpcmpmgr.exe
H:\WINDOWS\system32\hphmon06.exe
H:\WINDOWS\system32\rundll32.exe
H:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
H:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
H:\WINDOWS\Mixer.exe
H:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
H:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\WiFi Station pour Livebox\WiFiStationLB.exe
H:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
H:\WINDOWS\system32\HPZipm12.exe
H:\Program Files\Multimedia Combo Set Driver\MouseDrv.exe
H:\Program Files\Multimedia Combo Set Driver\PS2USBKbdDrv.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Anti virus a garder\RSIT.exe
H:\Program Files\trend micro\Vibert.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - H:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
F2 - REG:system.ini: Shell=Explorer.exe H:\WINDOWS\system32\WinSit.exe
F3 - REG:win.ini: load=H:\WINDOWS\inf\Other.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - H:\Program Files\AutocompletePro\AutocompletePro.dll (file missing)
O2 - BHO: ADC PlugIn - {149256D5-E103-4523-BB43-2CFB066839D6} - H:\Program Files\adc_w32.dll (file missing)
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - H:\Documents and Settings\Vibert\Bureau\jccatch.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - H:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - H:\Documents and Settings\Vibert\Bureau\getflash.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "H:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] "H:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [SecurDisc] "H:\Program Files\Nero\Nero 7\InCD\NBHGui.exe"
O4 - HKLM\..\Run: [InCD] "H:\Program Files\Nero\Nero 7\InCD\InCD.exe"
O4 - HKLM\..\Run: [WireLessMouse] H:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard] H:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "H:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] H:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [FaxCenterServer] "H:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] H:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [Flashget] H:\Documents and Settings\Vibert\Bureau\FlashGet.exe /min
O4 - HKLM\..\Run: [HPHUPD06] H:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] "H:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "H:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] H:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [lxdimon.exe] "H:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "H:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TkBellExe] "H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RemoteControl] "H:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "H:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [OM_Monitor] H:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [swg] "H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WiFi Station pour Livebox.lnk = H:\Program Files\WiFi Station pour Livebox\WiFiStationLB.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - H:\Documents and Settings\Vibert\Bureau\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - H:\Documents and Settings\Vibert\Bureau\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://H:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - H:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll (file missing)
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\Documents and Settings\Vibert\Bureau\FlashGet.exe (file missing)
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\Documents and Settings\Vibert\Bureau\FlashGet.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} (CPlayFirstCookingDasControl Object) - http://jeuxenligne.orange.fr/orange2.0/games/channel--110167437/lc--fr/room--9162541b-57c7-4817-89cd-6c43e05d7c70/online/cooking_dash/fr/cookingdashweb.1.0.0.9.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} (CPlayFirstPiratePoppersControl Object) - file:///H:/Documents%20and%20Settings/Vibert/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/PiratePoppers.1.0.0.39.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203533282156
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203615507171
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/GameShell/online/fr/luxor/mjolauncher.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file:///H:/Documents%20and%20Settings/Vibert/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v6.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O18 - Protocol: bw+0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Boonty Games - Unknown owner - H:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - H:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - H:\WINDOWS\system32\services.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - H:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - H:\WINDOWS\System32\imapi.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - H:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - H:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - H:\WINDOWS\system32\lxdicoms.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - H:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - H:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - H:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - H:\WINDOWS\system32\sessmgr.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - H:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - H:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - H:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - H:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - H:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - H:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 28147 bytes

======Scheduled tasks folder======

H:\WINDOWS\tasks\AppleSoftwareUpdate.job
H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
H:\WINDOWS\tasks\HP Usg Daily FY04.job
H:\WINDOWS\tasks\PCConfidential.job
H:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1897051121-725345543-1004.job
H:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1897051121-725345543-1004.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
AC-Pro - H:\Program Files\AutocompletePro\AutocompletePro.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{149256D5-E103-4523-BB43-2CFB066839D6}]
ADC PlugIn - H:\Program Files\adc_w32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - H:\Documents and Settings\Vibert\Bureau\jccatch.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - H:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-05-18 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - H:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-05 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - H:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-04-05 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - H:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - H:\Documents and Settings\Vibert\Bureau\getflash.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-05 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Photo Downloader"=H:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
"Adobe Reader Speed Launcher"=H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"NeroFilterCheck"=H:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SecurDisc"=H:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-05-15 1628208]
"InCD"=H:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-05-15 1057328]
"WireLessMouse"=H:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe [2005-11-30 94208]
"WireLessKeyboard"=H:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe [2005-11-30 94208]
"SystrayORAHSS"=H:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208]
"ORAHSSSessionManager"=H:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400]
"Logitech Hardware Abstraction Layer"=H:\WINDOWS\KHALMNPR.EXE [2007-09-21 55824]
"FaxCenterServer"=H:\Program Files\\Lexmark Fax Solutions\fm3032.exe [2007-07-16 311984]
"Kernel and Hardware Abstraction Layer"=H:\WINDOWS\KHALMNPR.EXE [2007-09-21 55824]
"HPDJ Taskbar Utility"=H:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe [2004-04-06 172032]
"Flashget"=H:\Documents and Settings\Vibert\Bureau\FlashGet.exe /min []
"HPHUPD06"=H:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [2004-06-07 49152]
"HP Software Update"=H:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=H:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"HPHmon06"=H:\WINDOWS\system32\hphmon06.exe [2004-06-07 659456]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"lxdimon.exe"=H:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe [2007-07-16 434864]
"lxdiamon"=H:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe [2007-07-16 25264]
"C-Media Mixer"=Mixer.exe /startup []
"SunJavaUpdateSched"=H:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]
"QuickTime Task"=H:\Program Files\QuickTime\qttask.exe [2009-11-11 417792]
"StartCCC"=H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-29 61440]
"TkBellExe"=H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2010-05-18 202256]
"RemoteControl"=H:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=H:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=H:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"LDM"=H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-04-10 32768]
"OM_Monitor"=H:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe [2006-05-16 57344]
"swg"=H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-04-05 39408]
"ctfmon.exe"=H:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

H:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
WiFi Station pour Livebox.lnk - H:\Program Files\WiFi Station pour Livebox\WiFiStationLB.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
H:\WINDOWS\SYSTEM32\Ati2evxx.dll [2009-09-30 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - H:\WINDOWS\system32\upnpui.dll [2008-04-14 240128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=H:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"H:\Program Files\uTorrent\uTorrent.exe"="H:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"H:\Program Files\Orange\LiveboxUtilities\LiveboxUtilities.exe"="H:\Program Files\Orange\LiveboxUtilities\LiveboxUtilities.exe:*:Enabled:LiveboxUtilities"
"H:\Program Files\Messenger\msmsgs.exe"="H:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"H:\Program Files\eMule\emule.exe"="H:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"H:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="H:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"H:\WINDOWS\system32\dxdiag.exe"="H:\WINDOWS\system32\dxdiag.exe:*:Enabled:Outil de diagnostic Microsoft DirectX"
"H:\WINDOWS\system32\lxdicoms.exe"="H:\WINDOWS\system32\lxdicoms.exe:*:Enabled:Lexmark Communications System"
"H:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"="H:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe:*:Enabled:Lexmark Device Monitor"
"H:\Program Files\Lexmark 3500-4500 Series\App4r.exe"="H:\Program Files\Lexmark 3500-4500 Series\App4r.exe:*:Enabled:Lexmark Imaging Studio"
"H:\Program Files\Abbyy FineReader 6.0 Sprint\scan\scanman6.exe"="H:\Program Files\Abbyy FineReader 6.0 Sprint\scan\scanman6.exe:*:Enabled:ABBYY FineReader"
"H:\Program Files\Lexmark Fax Solutions\FaxCtr.exe"="H:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:*:Enabled:Fax software"
"H:\Program Files\Real\RealPlayer\realplay.exe"="H:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"H:\Program Files\Internet Explorer\iexplore.exe"="H:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:iexplore"
"H:\WINDOWS\system32\rundll32.exe"="H:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"H:\Documents and Settings\Vibert\Bureau\flashget.exe"="H:\Documents and Settings\Vibert\Bureau\flashget.exe:*:Enabled:Flashget"
"H:\Jeux\Age of Empires II\empires2.exe"="H:\Jeux\Age of Empires II\empires2.exe:*:Enabled:Age of Empires II"
"H:\WINDOWS\system32\dplaysvr.exe"="H:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"H:\WINDOWS\system32\dpnsvr.exe"="H:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"H:\WINDOWS\system32\dpvsetup.exe"="H:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"H:\Documents and Settings\Vibert\Bureau\Video Cleaner\VideoCleaner.exe"="H:\Documents and Settings\Vibert\Bureau\Video Cleaner\VideoCleaner.exe:*:Enabled:River Past Video Cleaner"
"H:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"="H:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe:*:Enabled:Device Monitor"
"H:\Documents and Settings\Vibert\Local Settings\Temp\lxdi\wireless\FRENCH\lxdiwpss.exe"="H:\Documents and Settings\Vibert\Local Settings\Temp\lxdi\wireless\FRENCH\lxdiwpss.exe:*:Enabled: "
"H:\WINDOWS\system32\spool\drivers\w32x86\3\lxdipswx.exe"="H:\WINDOWS\system32\spool\drivers\w32x86\3\lxdipswx.exe:*:Enabled:Printer Status Window Interface"
"H:\WINDOWS\system32\spool\drivers\w32x86\3\lxditime.exe"="H:\WINDOWS\system32\spool\drivers\w32x86\3\lxditime.exe:*:Enabled:Lexmark Connect Time Executable"
"H:\Program Files\Lexmark 3500-4500 Series\Wireless\lxdiwpss.exe"="H:\Program Files\Lexmark 3500-4500 Series\Wireless\lxdiwpss.exe:*:Enabled: "
"H:\Program Files\Video Cleaner recaler bandes sons et videos\VideoCleaner.exe"="H:\Program Files\Video Cleaner recaler bandes sons et videos\VideoCleaner.exe:*:Enabled:River Past Video Cleaner"
"H:\Program Files\Mozilla Firefox\firefox.exe"="H:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"H:\WINDOWS\system32\spool\drivers\w32x86\3\lxdijswx.exe"="H:\WINDOWS\system32\spool\drivers\w32x86\3\lxdijswx.exe:*:Enabled:Job Status Window Interface"
"H:\WINDOWS\system32\spool\drivers\w32x86\3\lxdiwbgw.exe"="H:\WINDOWS\system32\spool\drivers\w32x86\3\lxdiwbgw.exe:*:Enabled:Lexmark Web Gateway"
"H:\Program Files\Windows Live\Messenger\msnmsgr.exe"="H:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"H:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="H:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"H:\WINDOWS\system32\lxdicfg.exe"="H:\WINDOWS\system32\lxdicfg.exe:*:Enabled:Printer Communication System"
"H:\WINDOWS\system32\lxdiih.exe"="H:\WINDOWS\system32\lxdiih.exe:*:Enabled:Printer Communication System"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"H:\Program Files\Lexmark 3500-4500 Series\app4r.exe"="H:\Program Files\Lexmark 3500-4500 Series\App4R.exe:*:Enabled:Lexmark Imaging Studio"
"H:\Program Files\Windows Live\Messenger\msnmsgr.exe"="H:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"H:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="H:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a649057-747f-11de-b567-0008d3382bc9}]
shell\AutoRun\command - I:\EmDesk.exe
shell\EmDesk\command - I:\EmDesk.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b4a6eecb-5115-11df-b6ca-0008d3382bc9}]
shell\AutoRun\command - C:\autorun\autorun.exe


======List of files/folders created in the last 1 months======

2010-06-25 17:44:57 ----D---- H:\Program Files\trend micro
2010-06-25 17:42:32 ----DC---- H:\rsit
2010-06-25 17:39:51 ----D---- H:\Program Files\Navilog1
2010-06-25 17:28:05 ----AC---- H:\cleannavi.txt
2010-06-25 17:27:39 ----ADC---- H:\Navilog1
2010-06-24 10:21:07 ----D---- H:\Program Files\Anti virus a garder
2010-06-23 10:28:31 ----SHDC---- H:\Config.Msi
2010-06-19 15:40:19 ----D---- H:\Documents and Settings\Vibert\Application Data\dvdcss
2010-06-11 19:57:49 ----HDC---- H:\WINDOWS\$NtUninstallKB980218$
2010-06-11 19:57:06 ----HDC---- H:\WINDOWS\$NtUninstallKB980195$
2010-06-11 19:51:16 ----HDC---- H:\WINDOWS\$NtUninstallKB979559$
2010-06-11 19:46:35 ----HDC---- H:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-11 19:46:30 ----HDC---- H:\WINDOWS\$NtUninstallKB979482$
2010-06-11 19:46:19 ----HDC---- H:\WINDOWS\$NtUninstallKB975562$
2010-06-04 23:38:02 ----A---- H:\WINDOWS\system32\tmp.txt
2010-06-04 23:27:19 ----D---- H:\Program Files\Spybot - Search & Destroy
2010-06-04 22:53:29 ----A---- H:\WINDOWS\ntbtlog.txt
2010-06-02 13:02:20 ----A---- H:\WINDOWS\system32\aspimgr.exe
2010-06-02 05:03:49 ----HDC---- H:\WINDOWS\$NtUninstallKB981793$

======List of files/folders modified in the last 1 months======

2010-06-25 17:44:57 ----RD---- H:\Program Files
2010-06-25 17:39:27 ----A---- H:\WINDOWS\NeroDigital.ini
2010-06-25 17:39:20 ----SD---- H:\WINDOWS\Tasks
2010-06-25 17:31:39 ----D---- H:\WINDOWS\Temp
2010-06-25 17:31:03 ----D---- H:\WINDOWS\system32\CatRoot2
2010-06-25 17:29:46 ----A---- H:\WINDOWS\SchedLgU.Txt
2010-06-25 16:43:22 ----D---- H:\WINDOWS\Prefetch
2010-06-25 16:26:01 ----D---- H:\WINDOWS
2010-06-25 13:20:28 ----D---- H:\Program Files\eMule
2010-06-24 22:29:05 ----D---- H:\Documents and Settings\Vibert\Application Data\Real
2010-06-23 23:02:03 ----D---- H:\Program Files\Mozilla Firefox
2010-06-23 21:50:50 ----D---- H:\WINDOWS\system32\config
2010-06-23 21:50:49 ----HD---- H:\WINDOWS\inf
2010-06-23 21:50:49 ----D---- H:\WINDOWS\system32
2010-06-23 21:50:49 ----D---- H:\WINDOWS\Help
2010-06-23 20:09:26 ----D---- H:\WINDOWS\system
2010-06-23 20:09:11 ----AC---- H:\WINDOWS\WININIT.INI
2010-06-23 12:51:11 ----D---- H:\WINDOWS\Microsoft.NET
2010-06-23 12:51:07 ----RSD---- H:\WINDOWS\assembly
2010-06-23 10:30:43 ----SHD---- H:\WINDOWS\Installer
2010-06-23 10:29:50 ----AC---- H:\WINDOWS\system32\PerfStringBackup.INI
2010-06-23 10:29:31 ----D---- H:\WINDOWS\WinSxS
2010-06-23 00:00:09 ----AC---- H:\WINDOWS\g32.txt
2010-06-19 16:34:16 ----RSHDC---- H:\WINDOWS\system32\dllcache
2010-06-19 16:27:59 ----D---- H:\Program Files\CyberLink
2010-06-19 16:17:32 ----HD---- H:\Program Files\InstallShield Installation Information
2010-06-19 15:44:52 ----D---- H:\Documents and Settings\Vibert\Application Data\uTorrent
2010-06-11 19:57:58 ----A---- H:\WINDOWS\imsins.BAK
2010-06-11 19:56:45 ----HD---- H:\WINDOWS\$hf_mig$
2010-06-11 19:54:46 ----D---- H:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-06-11 19:50:59 ----D---- H:\Program Files\Internet Explorer
2010-06-11 19:50:49 ----D---- H:\WINDOWS\ie8updates
2010-06-05 11:18:57 ----D---- H:\WINDOWS\Registration
2010-06-05 00:26:02 ----DC---- H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-06-04 10:36:44 ----D---- H:\Program Files\Microsoft Silverlight
2010-06-03 21:38:37 ----SD---- H:\Documents and Settings\All Users\Application Data\Microsoft
2010-05-28 21:37:34 ----AC---- H:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;Pilote de processeur AMD HwPState; H:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 cdrbsdrv;cdrbsdrv; H:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 InCDPass;InCDPass; H:\WINDOWS\system32\drivers\InCDPass.sys [2007-05-15 37040]
R1 incdrm;InCD Reader; H:\WINDOWS\system32\drivers\InCDRm.sys [2007-05-15 38576]
R1 kbdhid;Pilote HID de clavier; H:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; H:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-08-21 21419]
R2 CdaC15BA;CdaC15BA; \??\H:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R3 ati2mtag;ati2mtag; H:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-30 3565056]
R3 cmpci;C-Media PCI Audio Driver (WDM); H:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
R3 HidUsb;Pilote de classe HID Microsoft; H:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; H:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-09-21 35088]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; H:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-09-21 36240]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; H:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-09-21 28432]
R3 mouhid;Pilote HID de souris; H:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 pfc;PADUS ASPI SHELL; H:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 RT73;Hercules Wireless USB Dongle Driver ; H:\WINDOWS\system32\DRIVERS\rt73.sys [2006-12-21 429440]
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); H:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbccgp;Pilote parent générique USB Microsoft; H:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; H:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; H:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; H:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Pilote de stockage de masse USB; H:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 Wdf01000;Wdf01000; H:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R4 InCDfs;InCD File System; H:\WINDOWS\system32\drivers\InCDFs.sys [2007-05-15 118576]
S3 AF05BDA;Cinergy T USB XE service; H:\WINDOWS\system32\drivers\AF05BDA.sys [2006-06-29 131456]
S3 Arp1394;Protocole client ARP 1394; H:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\H:\WINDOWS\System32\DRIVERS\ASPI32.sys []
S3 Bridge;Pont MAC; H:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport de pont MAC; H:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BthEnum;Pilote de bloc de demande Bluetooth; H:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Pilote de communications modem Bluetooth; H:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Périphérique Bluetooth (réseau personnel); H:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; H:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; H:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Décodeur sous-titre fermé; H:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\H:\Program Files\MediaCoder\SysInfo.sys []
S3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; H:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; H:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-03-18 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; H:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-03-18 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; H:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-22 21568]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; H:\WINDOWS\System32\Drivers\L8042Kbd.sys [2006-01-20 13440]
S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; H:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2006-01-20 55552]
S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; H:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2006-01-20 27776]
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; H:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2006-01-20 36608]
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; H:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2006-01-20 69376]
S3 MPE;Filtre BDA MPE; H:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; H:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; H:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; H:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; H:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\H:\WINDOWS\system32\PCAMPR5.SYS []
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\H:\WINDOWS\system32\PCANDIS5.SYS []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); H:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RT61;Hawking HWPG1 Wireless Driver; H:\WINDOWS\system32\DRIVERS\RT61.sys [2005-10-27 356096]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; H:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-27 81408]
S3 SLIP;Détrameur décalage BDA; H:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; H:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Classe d'imprimantes USB Microsoft; H:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Codec Teletext standard; H:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; H:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; H:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; H:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; H:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-24 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aspimgr;Microsoft ASPI Manager; H:\WINDOWS\system32\aspimgr.exe [2010-06-22 78336]
R2 Ati HotKey Poller;Ati HotKey Poller; H:\WINDOWS\system32\Ati2evxx.exe [2009-09-30 602112]
R2 BthServ;Bluetooth Support Service; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 FTRTSVC;France Telecom Routing Table Service; H:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536]
R2 InCDsrv;InCD Helper; H:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-05-15 1550896]
R2 JavaQuickStarterService;Java Quick Starter; H:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 lxdi_device;lxdi_device; H:\WINDOWS\system32\lxdicoms.exe [2007-06-11 517040]
R2 lxdiCATSCustConnectService;lxdiCATSCustConnectService; H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe [2007-06-11 99248]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); H:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; H:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WSearch;Windows Search; H:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 Pml Driver HPZ12;Pml Driver HPZ12; H:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S2 ATI Smart;ATI Smart; H:\WINDOWS\system32\ati2sgag.exe [2009-09-29 593920]
S2 gupdate;Service Google Update (gupdate); H:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-05 135664]
S3 aspnet_state;ASP.NET State Service; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Boonty Games;Boonty Games; H:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe []
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; h:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-05 182768]
S3 idsvc;Windows CardSpace; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; H:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe [2007-11-15 121360]
S3 NBService;NBService; H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; H:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-08 271920]
S3 odserv;Microsoft Office Diagnostics Service; H:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; H:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

nardino
 Posted on 25/06/2010 at 18:08
  Grand Master Astucien

Good evening

Surprising, a line has disappeared in the second report ???

Download and install Malwarebytes Anti-Malware by RubbeR DuckY
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

At the end of the installation, make sure the option "Update Malwarebytes' Anti-Malware" is checked. Click "Finish".
Launch Malwarebytes' Anti-Malware by double-clicking the icon on the desktop.
On first launch, a window tells you that the version is Free; click OK.
Let the updates download.

Launch Malwarebytes Anti-Malware.
In the "Scanner" tab, check "Perform full scan" and click "Scan".
Select your hard drive and click "Start Scan".

At the end of the scan, select everything and click "Remove Selected".
Post the report that opens after this removal.
Restart the PC.
The report can be found in the "Logs" tab, with the date and time of the run.
The PCA tutorial

See you later

coceane007
 Posted on 27/06/2010 at 12:36
New Astucienne

Hello,

Sorry for not replying right away.

Here is the report after removal of the files:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4245

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

27/06/2010 12:35:50
mbam-log-2010-06-27 (12-35-50).txt

Type d'examen: Examen complet (H:\|)
Elément(s) analysé(s): 220259
Temps écoulé: 1 heure(s), 2 minute(s), 15 seconde(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 51
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 28

Processus mémoire infecté(s):
H:\WINDOWS\system32\aspimgr.exe (Trojan.Agent) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\smart-shopper.hbax (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smart-shopper.hbax.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smart-shopper.hbinfoband (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smart-shopper.hbinfoband.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smart-shopper.iebutton (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smart-shopper.iebutton.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smart-shopper.iebuttona (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smart-shopper.iebuttona.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smart-shopper.iebuttonb (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smart-shopper.iebuttonb.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smart-shopper.smrt-shprctrl (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\smart-shopper.smrt-shprctrl.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90f62ef7-58d1-4e8e-bb3e-cfb10ba9e47b} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b2b92bc9-e149-4ee8-a93e-0b8cfb329808} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79b1445-dfea-4bef-a786-e0c0f33c863b} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4cf088bd-be95-40a5-be9b-677f8683edea} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6fac4823-815e-4361-836e-46d65ed2550b} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{911f251e-34fd-465e-b6ce-df00ff49a6be} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fe4f1649-8909-49c0-87ba-24d65120db46} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{149256d5-e103-4523-bb43-2cfb066839d6} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{022c671f-6cba-4a03-a8f9-3b3a361b235a} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{305c6cb1-9d31-4489-881d-5a8e2dc3fe14} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8ad815fc-607b-419f-8b70-d345a507a54e} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{4a7c84e2-e95c-43c6-8dd3-03abcd0eb60e} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{149256d5-e103-4523-bb43-2cfb066839d6} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bec0} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4a7c84e2-e95c-43c6-8dd3-03abcd0eb60e} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8bcb5337-ec01-4e38-840c-a964f174255b} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{149256d5-e103-4523-bb43-2cfb066839d6} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{149256d5-e103-4523-bb43-2cfb066839d6} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/Downloaded Program Files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Sysinternals Antivirus (Rogue.SysinternalsAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Sft (Backdoor.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aspimgr (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\H:/WINDOWS/Downloaded Program Files/PiratePoppers.1.0.0.39.dll (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{38d97cce-7243-4b6e-b6a8-dd872ad3eb33} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6868afe5-f258-47dc-bc37-0821f96dc1d2} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{49e67060-2c0d-415e-94c7-52a49f73b2f1} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{49e67060-2c0d-415e-94c7-52a49f73b2f1} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ADBUPD (Trojan.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bec0} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\H:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\H:\WINDOWS\Downloaded Program Files\PiratePoppers.1.0.0.39.dll (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe H:\WINDOWS\system32\WinSit.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
H:\Documents and Settings\LocalService\Menu Démarrer\Programmes\Sysinternals Antivirus (Rogue.SysinternalsAntivirus) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
H:\Documents and Settings\All Users\Documents\Fun.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
H:\Documents and Settings\Vibert\Fun.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
H:\Documents and Settings\Vibert\Manu a la radio\Fun.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
H:\Documents and Settings\Vibert\Mes documents\Cathy\Fun.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
H:\Documents and Settings\Vibert\Mes documents\Mes images\APN ne pas effacer\Normandie Juillet 2009\Fun.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
H:\Documents and Settings\Vibert\Mes documents\Mes images\APN ne pas effacer\14 Juin 2009\Fun.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
H:\Documents and Settings\Vibert\Mes documents\Wallpaper\Fun.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{45DA68E6-FA21-4642-9FB0-499C05BA31FD}\RP740\A0168725.dll (Rogue.Agent) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{45DA68E6-FA21-4642-9FB0-499C05BA31FD}\RP740\A0168731.exe (Rogue.WindowsPolicePro) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{45DA68E6-FA21-4642-9FB0-499C05BA31FD}\RP740\A0168734.dll (Rogue.Agent) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{45DA68E6-FA21-4642-9FB0-499C05BA31FD}\RP740\A0168749.dll (Rogue.Agent) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{45DA68E6-FA21-4642-9FB0-499C05BA31FD}\RP740\A0168759.dll (Rogue.Agent) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{45DA68E6-FA21-4642-9FB0-499C05BA31FD}\RP740\A0169767.dll (Rogue.Agent) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{45DA68E6-FA21-4642-9FB0-499C05BA31FD}\RP740\A0169779.dll (Rogue.Agent) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{45DA68E6-FA21-4642-9FB0-499C05BA31FD}\RP740\A0170787.dll (Rogue.Agent) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{45DA68E6-FA21-4642-9FB0-499C05BA31FD}\RP740\A0170796.dll (Rogue.Agent) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{45DA68E6-FA21-4642-9FB0-499C05BA31FD}\RP740\A0170800.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{45DA68E6-FA21-4642-9FB0-499C05BA31FD}\RP740\A0170816.exe (Rogue.WindowsPolicePro) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{45DA68E6-FA21-4642-9FB0-499C05BA31FD}\RP740\A0170968.dll (Rogue.Agent) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{45DA68E6-FA21-4642-9FB0-499C05BA31FD}\RP750\A0176457.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
H:\System Volume Information\_restore{45DA68E6-FA21-4642-9FB0-499C05BA31FD}\RP752\A0178814.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
H:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
H:\Documents and Settings\LocalService\Menu Démarrer\Programmes\Sysinternals Antivirus\Sysinternals Antivirus.lnk (Rogue.SysinternalsAntivirus) -> Quarantined and deleted successfully.
H:\WINDOWS\system32\aspimgr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
H:\WINDOWS\Downloaded Program Files\PiratePoppers.1.0.0.39.dll (Trojan.Agent) -> Quarantined and deleted successfully.
H:\WINDOWS\Downloaded Program Files\PiratePoppers.1.0.0.39.inf (Trojan.Agent) -> Quarantined and deleted successfully.
H:\WINDOWS\s32.txt (Malware.Trace) -> Quarantined and deleted successfully.
H:\WINDOWS\ws386.ini (Malware.Trace) -> Quarantined and deleted successfully.

nardino
 Posted on 27/06/2010 at 12:45 
  Grand Maître astucien

Hello,

Things have changed, I think.

Post a new RSIT log.txt report so it can be checked, and let us know how things are going.

See you,

coceane007
 Posted on 27/06/2010 at 14:03 
Nouvelle astucienne

And here is the log.txt report:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:55:04, on 27/06/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\SYSTEM32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\SYSTEM32\Ati2evxx.exe
H:\WINDOWS\system32\spoolsv.exe
H:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
H:\Program Files\Java\jre6\bin\jqs.exe
H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
H:\WINDOWS\system32\lxdicoms.exe
H:\Program Files\CyberLink\Shared Files\RichVideo.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\System32\vssvc.exe
H:\WINDOWS\system32\SearchIndexer.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
H:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
H:\Program Files\Nero\Nero 7\InCD\InCD.exe
H:\Program Files\Orange\Systray\SystrayApp.exe
H:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
H:\Program Files\HP\hpcoretech\hpcmpmgr.exe
H:\WINDOWS\system32\hphmon06.exe
H:\WINDOWS\system32\rundll32.exe
H:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
H:\WINDOWS\Mixer.exe
H:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
H:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
H:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\WiFi Station pour Livebox\WiFiStationLB.exe
H:\Program Files\Multimedia Combo Set Driver\MouseDrv.exe
H:\Program Files\Multimedia Combo Set Driver\PS2USBKbdDrv.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
H:\WINDOWS\System32\wbem\wmiapsrv.exe
H:\WINDOWS\system32\HPZipm12.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\trend micro\Vibert.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - H:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
F3 - REG:win.ini: load=H:\WINDOWS\inf\Other.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - H:\Program Files\AutocompletePro\AutocompletePro.dll (file missing)
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - H:\Documents and Settings\Vibert\Bureau\jccatch.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - H:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - H:\Documents and Settings\Vibert\Bureau\getflash.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "H:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] "H:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [SecurDisc] "H:\Program Files\Nero\Nero 7\InCD\NBHGui.exe"
O4 - HKLM\..\Run: [InCD] "H:\Program Files\Nero\Nero 7\InCD\InCD.exe"
O4 - HKLM\..\Run: [WireLessMouse] H:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard] H:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "H:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] H:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [FaxCenterServer] "H:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] H:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [Flashget] H:\Documents and Settings\Vibert\Bureau\FlashGet.exe /min
O4 - HKLM\..\Run: [HPHUPD06] H:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] "H:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "H:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] H:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [lxdimon.exe] "H:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "H:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TkBellExe] "H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RemoteControl] "H:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "H:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [OM_Monitor] H:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [swg] "H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WiFi Station pour Livebox.lnk = H:\Program Files\WiFi Station pour Livebox\WiFiStationLB.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - H:\Documents and Settings\Vibert\Bureau\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - H:\Documents and Settings\Vibert\Bureau\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://H:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\Documents and Settings\Vibert\Bureau\FlashGet.exe (file missing)
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\Documents and Settings\Vibert\Bureau\FlashGet.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} (CPlayFirstCookingDasControl Object) - http://jeuxenligne.orange.fr/orange2.0/games/channel--110167437/lc--fr/room--9162541b-57c7-4817-89cd-6c43e05d7c70/online/cooking_dash/fr/cookingdashweb.1.0.0.9.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203533282156
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203615507171
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/GameShell/online/fr/luxor/mjolauncher.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O18 - Protocol: bw+0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0F811EBA-363E-4A78-BCB7-4C4789E05549} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Boonty Games - Unknown owner - H:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - H:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - H:\WINDOWS\system32\services.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - H:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - H:\WINDOWS\System32\imapi.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - H:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - H:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - H:\WINDOWS\system32\lxdicoms.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - H:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - H:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - H:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - H:\WINDOWS\system32\sessmgr.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - H:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - H:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - H:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - H:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - H:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - H:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 27209 bytes

----------------------------------------------------------

Regarding windows\system32\winsit.exe: the problem is solved.

However, I still get windows\inf\other.exe appearing at startup.

nardino
 Posted on 27/06/2010 at 14:35 
  Grand Maître astucien

Hello,

Run H:\Program Files\trend micro\Vibert.exe
Choose Do a scan system only
Check these lines:

F3 - REG:win.ini: load=H:\WINDOWS\inf\Other.exe
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - H:\Program Files\AutocompletePro\AutocompletePro.dll (file missing)
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - H:\Documents and Settings\Vibert\Bureau\jccatch.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
All the O18 lines

Click Fix checked.

Uninstall these two programs:
Spybot - Search & Destroy
AutocompletePro

Download OTM by OldTimer:
http://oldtimer.geekstogo.com/OTM.exe

Save it to the Desktop.
Double-click OTM.exe to launch the tool.
Note:
On Vista, right-click the file and choose Run as administrator.
Copy all the lines quoted below to the clipboard with CTRL+C.


:files
H:\WINDOWS\inf\Other.exe
H:\Documents and Settings\Vibert\Bureau\jccatch.dll
H:\Program Files\AutocompletePro
H:\Program Files\Spybot - Search & Destroy
H:\Program Files\adc_w32.dll
H:\Navilog1
H:\cleannavi.txt
H:\Program Files\Navilog1

:commands
[purity]
[emptytemp]


In OTM, place the cursor in the "Paste Instructions for Items to be Moved" window and press CTRL+V to paste the contents of the clipboard.
Click the MoveIt! button, the red one.

http://i15.servimg.com/u/f15/11/05/93/83/otm10.jpg

Close the tool. The PC will restart.
Post the contents of the report C:\_OTM\MovedFiles\********_******.log together with a log.txt report from RSIT.
The * stand for Month/Day/Year_Hour/Minutes/Seconds

See you
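
The lines selected for fixing in the post above fall mostly into two classes: a registry-mapped win.ini `load=` autostart value, and entries whose target file HijackThis reports as missing. The following Python sketch is an added example (not part of the thread and not HijackThis code) that flags both classes in a log; the sample log is constructed from lines in this thread, and `triage`, `Finding` and the regex names are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: entry lines copied from the logs in this thread,
# trimmed to a handful so the expected result is easy to check by eye.
SAMPLE_LOG = r"""
Running processes:
H:\WINDOWS\system32\svchost.exe

F3 - REG:win.ini: load=H:\WINDOWS\inf\Other.exe
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - H:\Program Files\AutocompletePro\AutocompletePro.dll (file missing)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O23 - Service: Boonty Games - Unknown owner - H:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
"""

# "<section code> - <rest>", e.g. "O2 - BHO: ..." or "F3 - REG:win.ini: ..."
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# F0/F1 are system.ini/win.ini entries, F2/F3 their registry-mapped (REG:) forms.
INI_RE = re.compile(r"^(?:REG:)?(?:win|system)\.ini: (?P<key>\w+)=(?P<value>.*)$",
                    re.IGNORECASE)
# Trailing markers HijackThis appends when the referenced file does not exist.
ORPHAN_RE = re.compile(r"\s*\((?:file missing|no file)\)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Drive-letter path; taken to end of line so " - " inside folder names survives.
PATH_RE = re.compile(r"[A-Za-z]:\\.+")


@dataclass
class Finding:
    code: str               # HijackThis section code (F3, O2, O23, ...)
    reason: str             # "ini-autostart" or "orphaned"
    target: Optional[str]   # file the entry points at, if the line names one
    clsid: Optional[str]    # COM class id for BHO/button entries, upper-cased


def triage(log_text: str) -> List[Finding]:
    """Return the entries worth a closer look, in log order."""
    findings: List[Finding] = []
    for raw in log_text.splitlines():
        entry = ENTRY_RE.match(raw.strip())
        if not entry:
            continue  # header lines and the running-process list
        code, body = entry["code"], entry["body"]
        ini = INI_RE.match(body) if code in ("F0", "F1", "F2", "F3") else None
        if ini and ini["key"].lower() in ("load", "run") and ini["value"].strip():
            # A program started at logon through the legacy load=/run= values.
            findings.append(Finding(code, "ini-autostart", ini["value"].strip(), None))
        elif ORPHAN_RE.search(body):
            # Registration left behind after its file was deleted or moved.
            clsid = CLSID_RE.search(body)
            path = PATH_RE.search(ORPHAN_RE.sub("", body))
            findings.append(Finding(code, "orphaned",
                                    path.group(0) if path else None,
                                    clsid.group(0).upper() if clsid else None))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.code:<4}{f.reason:<15}{f.clsid or '-':<40}{f.target or '-'}")
```
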

coceane007
 Posted on 27/06/2010 at 17:45
New Astucienne

OTM report:

All processes killed
========== FILES ==========
File/Folder H:\WINDOWS\inf\Other.exe not found.
File/Folder H:\Documents and Settings\Vibert\Bureau\jccatch.dll not found.
File/Folder H:\Program Files\AutocompletePro not found.
H:\Program Files\Spybot - Search & Destroy folder moved successfully.
File/Folder H:\Program Files\adc_w32.dll not found.
H:\Navilog1\Safebackup folder moved successfully.
H:\Navilog1\Report folder moved successfully.
H:\Navilog1\Contents folder moved successfully.
H:\Navilog1\Backupnavi folder moved successfully.
H:\Navilog1 folder moved successfully.
H:\cleannavi.txt moved successfully.
H:\Program Files\Navilog1 folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 132606 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes

User: Vibert
->Temp folder emptied: 1604774 bytes
->Temporary Internet Files folder emptied: 60512788 bytes
->Java cache emptied: 83563310 bytes
->FireFox cache emptied: 36386262 bytes
->Flash cache emptied: 4045870 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 15533219 bytes
%systemroot%\System32 .tmp files removed: 99840 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1034769 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 13511254 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 76290 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 207,00 mb


OTM by OldTimer - Version 3.1.12.2 log created on 06272010_170514

Files moved on Reboot...
H:\Documents and Settings\Vibert\Local Settings\Temp\IadHide5.dll moved successfully.
H:\Documents and Settings\Vibert\Local Settings\Temporary Internet Files\Content.IE5\WTRHA0HY\;var9=0;var10=0;var11=;var14=;;sz=728x90,468x60;u=id=ZPNpG-w91wDgpAPYF28bFA_2=2_3=30350_21=4_22=2_23=1_24=1_25=0_26=30183_8=0_9=0_10=0__;ord=2509701474429938[1].htm moved successfully.
H:\Documents and Settings\Vibert\Local Settings\Temporary Internet Files\Content.IE5\WTRHA0HY\ads[1].htm moved successfully.
H:\Documents and Settings\Vibert\Local Settings\Temporary Internet Files\Content.IE5\WTRHA0HY\sujet[3].htm moved successfully.
H:\Documents and Settings\Vibert\Local Settings\Temporary Internet Files\Content.IE5\MHO3ME2K\ads[1].htm moved successfully.
H:\Documents and Settings\Vibert\Local Settings\Temporary Internet Files\Content.IE5\AOWY7EL2\ads[1].htm moved successfully.
File H:\Documents and Settings\Vibert\Local Settings\Temporary Internet Files\Content.IE5\AOWY7EL2\inbox[2].html not found!
H:\Documents and Settings\Vibert\Local Settings\Temporary Internet Files\Content.IE5\ABDB0LVG\ads[1].htm moved successfully.
H:\Documents and Settings\Vibert\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...

-----------------------

The computer restarted without any problem and it is no longer slow at all!!!

Just tell me whether everything is OK

Thanks

See you

coceane007
 Posted on 27/06/2010 at 20:03
New Astucienne

Here is the RSIT report:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:03:41, on 27/06/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\SYSTEM32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\SYSTEM32\Ati2evxx.exe
H:\WINDOWS\system32\spoolsv.exe
H:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
H:\Program Files\Java\jre6\bin\jqs.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdiserv.exe
H:\WINDOWS\system32\lxdicoms.exe
H:\Program Files\CyberLink\Shared Files\RichVideo.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\System32\vssvc.exe
H:\WINDOWS\system32\SearchIndexer.exe
H:\WINDOWS\System32\wbem\wmiapsrv.exe
H:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
H:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
H:\Program Files\Nero\Nero 7\InCD\InCD.exe
H:\Program Files\Orange\Systray\SystrayApp.exe
H:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
H:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
H:\Program Files\HP\hpcoretech\hpcmpmgr.exe
H:\WINDOWS\system32\hphmon06.exe
H:\WINDOWS\system32\rundll32.exe
H:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
H:\WINDOWS\Mixer.exe
H:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
H:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
H:\Program Files\Multimedia Combo Set Driver\PS2USBKbdDrv.exe
H:\Program Files\Multimedia Combo Set Driver\MouseDrv.exe
H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\WiFi Station pour Livebox\WiFiStationLB.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
H:\WINDOWS\system32\HPZipm12.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\trend micro\Vibert.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - H:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - H:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - H:\Documents and Settings\Vibert\Bureau\getflash.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "H:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] "H:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [SecurDisc] "H:\Program Files\Nero\Nero 7\InCD\NBHGui.exe"
O4 - HKLM\..\Run: [InCD] "H:\Program Files\Nero\Nero 7\InCD\InCD.exe"
O4 - HKLM\..\Run: [WireLessMouse] H:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard] H:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "H:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] H:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [FaxCenterServer] "H:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] H:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [Flashget] H:\Documents and Settings\Vibert\Bureau\FlashGet.exe /min
O4 - HKLM\..\Run: [HPHUPD06] H:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] "H:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "H:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] H:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [lxdimon.exe] "H:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "H:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TkBellExe] "H:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RemoteControl] "H:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "H:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKCU\..\Run: [MsnMsgr] "H:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [OM_Monitor] H:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [swg] "H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WiFi Station pour Livebox.lnk = H:\Program Files\WiFi Station pour Livebox\WiFiStationLB.exe
O8 - Extra context menu item: &Tout télécharger avec FlashGet - H:\Documents and Settings\Vibert\Bureau\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - H:\Documents and Settings\Vibert\Bureau\jc_link.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://H:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\Documents and Settings\Vibert\Bureau\FlashGet.exe (file missing)
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - H:\Documents and Settings\Vibert\Bureau\FlashGet.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} (CPlayFirstCookingDasControl Object) - http://jeuxenligne.orange.fr/orange2.0/games/channel--110167437/lc--fr/room--9162541b-57c7-4817-89cd-6c43e05d7c70/online/cooking_dash/fr/cookingdashweb.1.0.0.9.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203533282156
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203615507171
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/GameShell/online/fr/luxor/mjolauncher.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Boonty Games - Unknown owner - H:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - H:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - H:\WINDOWS\system32\services.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - H:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - H:\WINDOWS\System32\imapi.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - H:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - H:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - H:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - H:\WINDOWS\system32\lxdicoms.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - H:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - H:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - H:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - H:\WINDOWS\system32\sessmgr.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - H:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - H:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - H:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - H:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - H:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - H:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 14601 bytes

nardino
 Posted on 27/06/2010 at 21:01
  Grand Master Astucien

Good evening,

Everything is OK.

Confirm it to me before uninstalling the tools.

See you

Edited by nardino on 27/06/2010 21:03
coceane007
 Posted on 27/06/2010 at 22:02
New Astucienne

Good evening,

Everything works flawlessly, thank you very much; I no longer have any problem at startup and the computer is no longer slow.

Thanks again for the time you gave me.

See you

nardino
 Posted on 27/06/2010 at 22:55
  Grand Master Astucien

Good evening,

**Removing OTM**
Launch OTM and click the CleanUp button.

**Cleaning the Malwarebytes quarantine**
Go to the quarantine tab and empty it of all its contents.

**Creating a clean System Restore point**
Disable System Restore as described at this link:
https://forum.pcastuces.com/desactiver_la_restauration_systeme-f31s7.htm
Then re-enable it to automatically recreate a restore point free of any infection.

**Information**
Mark the question as resolved.

Click on the links in my signature and read the articles.
Spread the word about them.
And about PCAstuces too.
See you

coceane007
 Posted on 28/06/2010 at 10:12
New Astucienne

Thank you once again, I'll pass it on to the people around me, don't worry

See you
