mahii

En fait il se nomme InsydeH20 Setup utility mais je sais pas pourquoi il démarre. J'ai vérifier mon disque dure il ne semble pas avoir de problème.

Bonjour, mon portable démarre 1 fois sur 2 en mode Bios et je ne sais pas pouquoi. J'ai fait un malwarebytes et je ne suis pas infecter. Mon ordi se ferme normalement! Pouvez-vous m'aider?? J'utilise windows 7. Merci d'avance pour vos réponses.

Oui tout est ok!!!! Merci pour ton aide!!!!

Logfile of random's system information tool 1.06 (written by random/random) Run by Administrateur at 2010-01-17 20:21:57 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 22 GB (59%) free of 38 GB Total RAM: 1279 MB (46% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:22:23, on 2010-01-17 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\System32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\BellCanada\McciTrayApp.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\Program Files\lg_fwupdate\fwupdate.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Fichiers communs\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files\Pure Networks\Network Magic\nmapp.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\AGI\common\win32\PythonService.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe C:\Program Files\Common Files\Motive\McciCMService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Fichiers communs\Pure Networks Shared\Platform\nmsrvc.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Documents and Settings\Administrateur\Bureau\RSIT.exe C:\Program Files\trend micro\Administrateur.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.msn.com/defaultf.aspx R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = C:\Program Files\Copernic 2000 Plus\Search Bar.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file) O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [bellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Fichiers communs\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files\Fichiers communs\Logishrd\eReg\SetPoint\eReg.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Chercher avec Copernic - file://C:\Program Files\Copernic 2000 Plus\Search Extension.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Lancer Copernic - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Copernic - {2A465936-E5F0-11D2-91B5-00104B9C4765} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll O15 - Trusted Zone: http://www.pogo.com O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: High Stakes Pool by pogo - http://game3.pogo.com/v/9.0.1.23/applet/pool2/pool-en_US.cab O16 - DPF: Lottso by pogo - http://game3.pogo.com/v/9.0.1.7/applet/lot...ottso-en_US.cab O16 - DPF: Thousand Island Solitaire by pogo - http://game3.pogo.com/v/9.0.1.10/applet/mi...lbrae-en_US.cab O16 - DPF: Word Search Daily by pogo - http://game3.pogo.com/v/9.0.1.7/applet/wor...earch-en_US.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1208740950546 O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab O16 - DPF: {9b935470-ad4a-11d5-b63e-00c04faedb18} - O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} (DinerDash Control) - http://www.worldwinner.com/games/v50/dinerdash/dinerdash.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photo...ol/MSNPUpld.cab O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe O23 - Service: Service Google Update (gupdate1c9ff6270c083b4) (gupdate1c9ff6270c083b4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Fichiers communs\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 14289 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\User_Feed_Synchronization-{0A4F36C1-5DDF-446E-A6B2-D244BDFC27BB}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-07-30 909040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-02 263280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-14 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Barre d'outils - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-07-30 909040] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-01-31 98304] "BellCanada_McciTrayApp"=C:\Program Files\BellCanada\McciTrayApp.exe [2008-12-07 1471488] "Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE [] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136] "SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-11-26 1629480] "InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-11-26 1057064] "LGODDFU"=C:\Program Files\lg_fwupdate\fwupdate.exe [2009-12-16 557056] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "nmctxth"=C:\Program Files\Fichiers communs\Pure Networks Shared\Platform\nmctxth.exe [2009-07-07 647216] "nmapp"=C:\Program Files\Pure Networks\Network Magic\nmapp.exe [2009-07-08 472112] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-07 39408] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage Logitech . Enregistrement du produit.lnk - C:\Program Files\Fichiers communs\Logishrd\eReg\SetPoint\eReg.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\System32\igfxsrvc.dll [2004-09-30 344064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll [2009-07-20 72208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\System32\WgaLogon.dll [2009-03-10 265088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\INTERAL\IMC\5.0.2.51026\INTERAL.exe"="C:\Program Files\INTERAL\IMC\5.0.2.51026\INTERAL.exe:*:Enabled:INTERAL Management Console Application" "C:\Program Files\Netscape\Communicator\Program\netscape.exe"="C:\Program Files\Netscape\Communicator\Program\netscape.exe:*:Enabled:Netscape Navigator" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Sony\Media Manager for WALKMAN\MediaManager.exe"="C:\Program Files\Sony\Media Manager for WALKMAN\MediaManager.exe:*:Enabled:Media Manager for WALKMAN 1.2" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour" "C:\Program Files\LANSchool\Teacher.exe"="C:\Program Files\LANSchool\Teacher.exe:*:Disabled:LanSchool Teacher" "C:\WINDOWS\LMI1A.tmp\lmi_rescue.exe"="C:\WINDOWS\LMI1A.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue" "C:\Program Files\Fichiers communs\Pure Networks Shared\Platform\nmsrvc.exe"="C:\Program Files\Fichiers communs\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\LANSchool\Teacher.exe"="C:\Program Files\LANSchool\Teacher.exe:*:Enabled:LanSchool Teacher" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" ======List of files/folders created in the last 1 months====== 2010-01-17 03:09:34 ----A---- C:\ComboFix.txt 2010-01-16 19:29:57 ----D---- C:\WINDOWS\temp 2010-01-14 20:17:46 ----A---- C:\Boot.bak 2010-01-14 20:17:35 ----RASHD---- C:\cmdcons 2010-01-14 20:15:01 ----A---- C:\WINDOWS\zip.exe 2010-01-14 20:15:01 ----A---- C:\WINDOWS\SWXCACLS.exe 2010-01-14 20:15:01 ----A---- C:\WINDOWS\SWSC.exe 2010-01-14 20:15:01 ----A---- C:\WINDOWS\SWREG.exe 2010-01-14 20:15:01 ----A---- C:\WINDOWS\sed.exe 2010-01-14 20:15:01 ----A---- C:\WINDOWS\PEV.exe 2010-01-14 20:15:01 ----A---- C:\WINDOWS\NIRCMD.exe 2010-01-14 20:15:01 ----A---- C:\WINDOWS\MBR.exe 2010-01-14 20:15:01 ----A---- C:\WINDOWS\grep.exe 2010-01-14 20:14:49 ----D---- C:\WINDOWS\ERDNT 2010-01-14 20:14:39 ----D---- C:\Qoobox 2010-01-13 16:27:16 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-01-13 16:15:20 ----D---- C:\Program Files\Pure Networks 2010-01-13 16:14:32 ----D---- C:\Program Files\WebEx 2010-01-13 16:13:35 ----D---- C:\Program Files\Fichiers communs\Pure Networks Shared 2010-01-13 16:12:54 ----D---- C:\Documents and Settings\All Users\Application Data\Pure Networks 2010-01-11 17:12:47 ----D---- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3_America 2010-01-10 16:03:42 ----D---- C:\Documents and Settings\Administrateur\Application Data\iMaxGen 2010-01-07 20:35:02 ----D---- C:\Documents and Settings\Administrateur\Application Data\Leadertech 2010-01-07 20:34:51 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd 2010-01-07 20:33:51 ----A---- C:\WINDOWS\imsins.BAK 2010-01-07 20:33:46 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$ 2010-01-07 20:32:18 ----A---- C:\WINDOWS\system32\BtCoreIf.dll 2010-01-07 20:31:40 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech 2010-01-07 20:31:29 ----D---- C:\Program Files\Fichiers communs\Logishrd 2010-01-06 16:04:50 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-01-06 15:48:38 ----D---- C:\Documents and Settings\All Users\Application Data\LightScribe 2010-01-05 23:13:44 ----D---- C:\Documents and Settings\All Users\Application Data\EscapeTheMuseum2 2010-01-04 17:31:25 ----A---- C:\TB.txt 2010-01-04 17:30:35 ----D---- C:\ToolBar SD 2009-12-26 22:13:16 ----D---- C:\Documents and Settings\Administrateur\Application Data\Pogo Games 2009-12-26 21:37:46 ----D---- C:\Program Files\Avira 2009-12-26 21:37:46 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-12-26 21:26:58 ----D---- C:\Program Files\trend micro 2009-12-26 18:22:03 ----D---- C:\WINDOWS\pss 2009-12-22 21:49:53 ----D---- C:\rsit 2009-12-21 17:58:41 ----D---- C:\SOPHTEMP 2009-12-19 22:00:36 ----A---- C:\FindyKill.txt 2009-12-19 17:32:46 ----D---- C:\FindyKill 2009-12-19 16:41:19 ----D---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes 2009-12-19 16:41:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-12-19 16:41:11 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-12-19 01:24:42 ----A---- C:\WINDOWS\SchedLgU.Txt ======List of files/folders modified in the last 1 months====== 2010-01-17 20:22:05 ----D---- C:\WINDOWS\Prefetch 2010-01-17 14:52:10 ----SD---- C:\WINDOWS\Tasks 2010-01-17 11:04:47 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-17 11:03:37 ----A---- C:\WINDOWS\lgfwup.ini 2010-01-17 11:03:34 ----D---- C:\Program Files\lg_fwupdate 2010-01-17 03:09:37 ----D---- C:\WINDOWS\system32\drivers 2010-01-17 02:54:26 ----D---- C:\WINDOWS 2010-01-17 02:54:26 ----A---- C:\WINDOWS\system.ini 2010-01-16 19:29:34 ----RD---- C:\Program Files 2010-01-16 19:26:09 ----D---- C:\WINDOWS\system32 2010-01-16 19:26:09 ----D---- C:\WINDOWS\AppPatch 2010-01-16 19:26:02 ----D---- C:\Program Files\Fichiers communs 2010-01-14 20:28:09 ----D---- C:\WINDOWS\system32\config 2010-01-14 20:26:42 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-01-14 20:17:46 ----RASH---- C:\boot.ini 2010-01-14 20:15:00 ----SHD---- C:\System Volume Information 2010-01-14 20:15:00 ----D---- C:\WINDOWS\system32\Restore 2010-01-14 19:50:58 ----D---- C:\Program Files\Common Files 2010-01-13 16:27:35 ----HD---- C:\WINDOWS\inf 2010-01-13 16:27:20 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-01-13 16:26:37 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-13 16:17:39 ----D---- C:\WINDOWS\Debug 2010-01-13 16:15:36 ----SHD---- C:\WINDOWS\Installer 2010-01-13 16:15:35 ----D---- C:\Config.Msi 2010-01-13 16:14:01 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-01-10 18:52:55 ----D---- C:\WINDOWS\network diagnostic 2010-01-10 16:02:38 ----D---- C:\Program Files\WildGames 2010-01-08 23:29:55 ----D---- C:\Documents and Settings\All Users\Application Data\WildTangent 2010-01-07 20:34:49 ----D---- C:\WINDOWS\WinSxS 2010-01-07 20:32:13 ----D---- C:\Program Files\Fichiers communs\Logitech 2010-01-07 20:31:36 ----HD---- C:\Program Files\InstallShield Installation Information 2010-01-07 00:57:57 ----D---- C:\Documents and Settings\All Users\Application Data\MumboJumbo 2010-01-06 21:24:53 ----D---- C:\Documents and Settings\Administrateur\Application Data\Friday's games 2010-01-06 19:39:25 ----D---- C:\WINDOWS\Help 2010-01-06 17:36:21 ----D---- C:\Documents and Settings\Administrateur\Application Data\U3 2010-01-06 17:01:22 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-01-05 22:27:05 ----D---- C:\Documents and Settings\Administrateur\Application Data\PlayFirst 2010-01-04 19:17:46 ----A---- C:\WINDOWS\system32\MRT.exe 2009-12-27 18:04:56 ----D---- C:\Documents and Settings\Administrateur\Application Data\LimeWire 2009-12-27 15:17:35 ----HD---- C:\WINDOWS\PIF 2009-12-27 15:08:59 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$ 2009-12-26 22:21:29 ----D---- C:\Documents and Settings\Administrateur\Application Data\ZoomBrowser EX 2009-12-26 22:17:39 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-12-26 21:16:58 ----D---- C:\Program Files\WinRAR 2009-12-26 20:02:09 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe 2009-12-26 19:58:09 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip 2009-12-26 19:57:00 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft 2009-12-26 19:56:55 ----D---- C:\Documents and Settings\All Users\Application Data\avg9 2009-12-26 19:56:21 ----D---- C:\Documents and Settings 2009-12-26 19:51:33 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2009-12-26 18:24:20 ----A---- C:\WINDOWS\win.ini 2009-12-19 22:05:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-12-19 16:57:00 ----SHD---- C:\WINDOWS\CSC 2009-12-19 13:54:46 ----D---- C:\Program Files\Google 2009-12-19 00:40:18 ----D---- C:\WINDOWS\Minidump 2009-12-18 18:27:09 ----D---- C:\Documents and Settings\All Users\Application Data\Kodak ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2003-03-06 3840] R1 DcCam;Kodak Camera Proxy; C:\WINDOWS\system32\DRIVERS\DcCam.sys [2005-06-16 37150] R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-11-26 36776] R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-11-26 38440] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-08-14 17005] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816] R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS [] R2 DCFS2K;Kodak DCFS2K Driver; C:\WINDOWS\system32\drivers\dcfs2k.sys [2005-03-31 38673] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2006-09-01 3712] R2 pnarp;Pure Networks Device Discovery Driver; C:\WINDOWS\system32\DRIVERS\pnarp.sys [2009-07-07 25392] R2 purendis;Pure Networks Wireless Driver; C:\WINDOWS\system32\DRIVERS\purendis.sys [2009-07-07 26672] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-13 100224] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-11-21 113152] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2009-06-17 20240] R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2009-06-17 63248] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392] R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2009-06-17 79248] R3 lsmirror;lsmirror; C:\WINDOWS\system32\DRIVERS\lsmirror.sys [2005-11-28 5632] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-03-19 542976] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-11-26 118952] S1 Exportit;Exportit; C:\WINDOWS\system32\DRIVERS\exportit.sys [2005-03-31 152081] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 DcFpoint;DcFpoint; C:\WINDOWS\system32\DRIVERS\DcFpoint.sys [2005-03-31 61564] S3 DcLps;Legacy Polling Service; C:\WINDOWS\system32\DRIVERS\DcLps.sys [2005-03-31 8022] S3 DcPTP;dcptp; C:\WINDOWS\system32\DRIVERS\DcPTP.sys [2005-03-31 70262] S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [] S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-09-30 752093] S3 LHidKe;SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2006-07-19 27136] S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [] S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [] S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [] S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [] S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AGWinService;AG Windows Service; C:\Program Files\AGI\common\win32\PythonService.exe [2008-09-24 10240] R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370] R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2008-07-21 54784] R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-11-26 1554728] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-12-05 79136] R2 LogWatch;Event Log Watch; C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248] R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2008-01-31 303104] R2 nmservice;Pure Networks Platform Service; C:\Program Files\Fichiers communs\Pure Networks Shared\Platform\nmsrvc.exe [2009-07-07 647216] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-11-27 604488] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392] S2 gupdate1c9ff6270c083b4;Service Google Update (gupdate1c9ff6270c083b4); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-07 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-07 190448] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 CA_LIC_CLNT;Client de licence CA; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2002-09-20 77824] S3 CA_LIC_SRVR;Serveur de licence CA; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [2002-09-20 77824] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 GameConsoleService;GameConsoleService; C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe [2010-01-04 238328] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 KodakCCS;Kodak Camera Connection Software; C:\WINDOWS\system32\drivers\KodakCCS.exe [2005-03-30 411920] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe [2009-07-20 121360] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040] S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 SerialKeys;SerialKeys; C:\WINDOWS\system32\skeys.exe [2008-04-13 26112] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-12-26 361288] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------

ComboFix 10-01-16.02 - Administrateur 2010-01-16 19:20:29.2.1 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.2.1036.18.1279.743 [GMT -5:00] Lancé depuis: c:\documents and settings\Administrateur\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\Administrateur\Bureau\CFscript.txt AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FILE :: "C:\dror.exe" . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Administrateur\Local Settings\Application Data\ccsfho c:\documents and settings\Administrateur\Local Settings\Application Data\qbeege C:\dror.exe c:\program files\Kiwee Toolbar c:\program files\Kiwee Toolbar\2.8.167\AGTBCore.dll c:\program files\Kiwee Toolbar\2.8.167\AolIMToolbar.dll c:\program files\Kiwee Toolbar\2.8.167\firefox\chrome.manifest c:\program files\Kiwee Toolbar\2.8.167\firefox\chrome\kiweetoolbar.jar c:\program files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.js c:\program files\Kiwee Toolbar\2.8.167\firefox\components\AGCore.xpt c:\program files\Kiwee Toolbar\2.8.167\firefox\components\KiweeSearchHistory.js c:\program files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.js c:\program files\Kiwee Toolbar\2.8.167\firefox\components\SearchProtection.xpt c:\program files\Kiwee Toolbar\2.8.167\firefox\defaults\preferences\defaults.js c:\program files\Kiwee Toolbar\2.8.167\firefox\firefox.xpi c:\program files\Kiwee Toolbar\2.8.167\firefox\install.rdf c:\program files\Kiwee Toolbar\2.8.167\firefox\META-INF\manifest.mf c:\program files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.rsa c:\program files\Kiwee Toolbar\2.8.167\firefox\META-INF\zigbert.sf c:\program files\Kiwee Toolbar\2.8.167\FlashCOM.dll c:\program files\Kiwee Toolbar\2.8.167\KiweeCommonCtrls.dll c:\program files\Kiwee Toolbar\2.8.167\KiweeContentHost.dll c:\program files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll c:\program files\Kiwee Toolbar\2.8.167\KiweeIMToolbar.dll c:\program files\Kiwee Toolbar\2.8.167\KiweeTBCore.dll c:\program files\Kiwee Toolbar\2.8.167\KiweeTBCore.tlb c:\program files\Kiwee Toolbar\2.8.167\kiweetoolbar.zip c:\program files\Kiwee Toolbar\2.8.167\kwtbaim.exe c:\program files\Kiwee Toolbar\2.8.167\mfc80u.dll c:\program files\Kiwee Toolbar\2.8.167\Microsoft.VC80.CRT.manifest c:\program files\Kiwee Toolbar\2.8.167\Microsoft.VC80.MFC.manifest c:\program files\Kiwee Toolbar\2.8.167\msimg32.dll c:\program files\Kiwee Toolbar\2.8.167\MsnIMToolbar.dll c:\program files\Kiwee Toolbar\2.8.167\msvcp80.dll c:\program files\Kiwee Toolbar\2.8.167\msvcr80.dll c:\program files\Kiwee Toolbar\2.8.167\RemoteLib.dll c:\program files\Kiwee Toolbar\2.8.167\Riched20.dll c:\program files\Kiwee Toolbar\2.9.201\AGTBCore.dll c:\program files\Kiwee Toolbar\2.9.201\AolIMToolbar.dll c:\program files\Kiwee Toolbar\2.9.201\firefox\chrome.manifest c:\program files\Kiwee Toolbar\2.9.201\firefox\chrome\kiweetoolbar.jar c:\program files\Kiwee Toolbar\2.9.201\firefox\components\AGCore.js c:\program files\Kiwee Toolbar\2.9.201\firefox\components\AGCore.xpt c:\program files\Kiwee Toolbar\2.9.201\firefox\components\KiweeSearchHistory.js c:\program files\Kiwee Toolbar\2.9.201\firefox\components\SearchProtection.js c:\program files\Kiwee Toolbar\2.9.201\firefox\components\SearchProtection.xpt c:\program files\Kiwee Toolbar\2.9.201\firefox\defaults\preferences\defaults.js c:\program files\Kiwee Toolbar\2.9.201\firefox\firefox.xpi c:\program files\Kiwee Toolbar\2.9.201\firefox\install.rdf c:\program files\Kiwee Toolbar\2.9.201\firefox\META-INF\manifest.mf c:\program files\Kiwee Toolbar\2.9.201\firefox\META-INF\zigbert.rsa c:\program files\Kiwee Toolbar\2.9.201\firefox\META-INF\zigbert.sf c:\program files\Kiwee Toolbar\2.9.201\FlashCOM.dll c:\program files\Kiwee Toolbar\2.9.201\KiweeCommonCtrls.dll c:\program files\Kiwee Toolbar\2.9.201\KiweeContentHost.dll c:\program files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll c:\program files\Kiwee Toolbar\2.9.201\KiweeIMToolbar.dll c:\program files\Kiwee Toolbar\2.9.201\KiweeTBCore.dll c:\program files\Kiwee Toolbar\2.9.201\KiweeTBCore.tlb c:\program files\Kiwee Toolbar\2.9.201\kiweetoolbar.zip c:\program files\Kiwee Toolbar\2.9.201\kwtbaim.exe c:\program files\Kiwee Toolbar\2.9.201\mfc80u.dll c:\program files\Kiwee Toolbar\2.9.201\Microsoft.VC80.CRT.manifest c:\program files\Kiwee Toolbar\2.9.201\Microsoft.VC80.MFC.manifest c:\program files\Kiwee Toolbar\2.9.201\msimg32.dll c:\program files\Kiwee Toolbar\2.9.201\MsnIMToolbar.dll c:\program files\Kiwee Toolbar\2.9.201\msvcp80.dll c:\program files\Kiwee Toolbar\2.9.201\msvcr80.dll c:\program files\Kiwee Toolbar\2.9.201\RemoteLib.dll c:\program files\Kiwee Toolbar\2.9.201\Riched20.dll . ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-17 au 2010-01-17 )))))))))))))))))))))))))))))))))))) . 2010-01-13 21:15 . 2010-01-13 21:15 -------- d-----w- c:\program files\Pure Networks 2010-01-13 21:14 . 2010-01-13 21:14 -------- d-----w- c:\program files\WebEx 2010-01-13 21:14 . 2009-07-07 19:48 25392 ----a-w- c:\windows\system32\drivers\pnarp.sys 2010-01-13 21:13 . 2009-07-07 19:48 26672 ----a-w- c:\windows\system32\drivers\purendis.sys 2010-01-13 21:13 . 2010-01-13 21:13 -------- d-----w- c:\program files\Fichiers communs\Pure Networks Shared 2010-01-13 21:12 . 2010-01-13 21:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Pure Networks 2010-01-11 22:12 . 2010-01-11 22:48 -------- d-----w- c:\documents and settings\All Users\Application Data\FarmFrenzy3_America 2010-01-10 21:03 . 2010-01-10 21:03 -------- d-----w- c:\documents and settings\Administrateur\Application Data\iMaxGen 2010-01-08 01:35 . 2010-01-08 01:35 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Leadertech 2010-01-08 01:34 . 2010-01-08 01:37 -------- d-----w- c:\documents and settings\All Users\Application Data\LogiShrd 2010-01-08 01:32 . 2009-07-20 17:25 301656 ----a-w- c:\windows\system32\BtCoreIf.dll 2010-01-08 01:31 . 2010-01-08 01:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech 2010-01-08 01:31 . 2010-01-08 01:35 -------- d-----w- c:\program files\Fichiers communs\Logishrd 2010-01-06 21:04 . 2010-01-06 21:51 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-01-06 20:48 . 2010-01-06 20:48 -------- d-----w- c:\documents and settings\All Users\Application Data\LightScribe 2010-01-06 04:13 . 2010-01-06 04:13 -------- d-----w- c:\documents and settings\All Users\Application Data\EscapeTheMuseum2 2010-01-05 01:49 . 2010-01-05 01:49 -------- d-----r- c:\documents and settings\LocalService\Favoris 2010-01-04 22:30 . 2010-01-06 22:54 -------- d-----w- C:\ToolBar SD 2009-12-27 04:40 . 2009-12-27 04:42 -------- d-----r- c:\documents and settings\LocalService\Mes documents 2009-12-27 03:13 . 2009-12-27 03:13 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Pogo Games 2009-12-27 02:37 . 2009-11-25 16:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-12-27 02:37 . 2009-03-30 14:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-12-27 02:37 . 2009-02-13 16:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2009-12-27 02:37 . 2009-02-13 16:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2009-12-27 02:37 . 2010-01-07 22:36 -------- d-----w- c:\program files\Avira 2009-12-27 02:37 . 2009-12-27 02:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2009-12-27 02:26 . 2010-01-13 00:41 -------- d-----w- c:\program files\trend micro 2009-12-23 02:49 . 2009-12-27 02:27 -------- d-----w- C:\rsit 2009-12-21 22:58 . 2009-12-21 22:58 -------- d-----w- C:\SOPHTEMP 2009-12-19 22:32 . 2009-12-20 03:46 -------- d-----w- C:\FindyKill 2009-12-19 21:41 . 2009-12-19 21:41 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes 2009-12-19 21:41 . 2009-12-30 19:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-19 21:41 . 2009-12-30 19:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-19 21:41 . 2010-01-06 22:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-19 21:41 . 2009-12-19 21:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-12-19 04:36 . 2009-12-19 04:36 552 ----a-w- c:\windows\system32\d3d8caps.dat 2009-12-18 22:42 . 2009-12-18 22:43 664 ----a-w- c:\windows\system32\d3d9caps.dat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-17 07:54 . 2009-12-17 01:36 -------- d-----w- c:\program files\lg_fwupdate 2010-01-15 00:50 . 2006-12-21 15:52 -------- d-----w- c:\program files\Common Files 2010-01-13 21:17 . 2008-04-11 21:40 38168 -c--a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-01-13 21:14 . 2010-01-13 21:14 8892928 ----a-w- c:\documents and settings\All Users\Application Data\atscie.msi 2010-01-10 21:02 . 2009-07-14 03:15 -------- d-----w- c:\program files\WildGames 2010-01-09 04:29 . 2009-07-14 03:15 -------- d-----w- c:\documents and settings\All Users\Application Data\WildTangent 2010-01-08 01:34 . 2010-01-08 01:34 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf 2010-01-08 01:33 . 2010-01-08 01:33 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf 2010-01-08 01:33 . 2010-01-08 01:33 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2010-01-08 01:32 . 2009-08-27 20:33 -------- d-----w- c:\program files\Fichiers communs\Logitech 2010-01-08 01:31 . 2005-05-17 20:14 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-01-07 05:57 . 2008-08-23 03:44 -------- d-----w- c:\documents and settings\All Users\Application Data\MumboJumbo 2010-01-07 02:24 . 2008-08-12 02:29 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Friday's games 2010-01-06 22:36 . 2008-04-04 14:19 -------- d-----w- c:\documents and settings\Administrateur\Application Data\U3 2010-01-06 22:01 . 2008-05-18 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-01-06 03:27 . 2008-05-24 01:27 -------- d-----w- c:\documents and settings\Administrateur\Application Data\PlayFirst 2009-12-27 23:04 . 2008-12-04 03:32 -------- d-----w- c:\documents and settings\Administrateur\Application Data\LimeWire 2009-12-27 03:21 . 2009-09-10 22:16 -------- d-----w- c:\documents and settings\Administrateur\Application Data\ZoomBrowser EX 2009-12-27 03:17 . 2008-04-20 21:41 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-12-27 01:02 . 2009-11-27 21:30 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2009-12-27 00:58 . 2009-08-27 01:55 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip 2009-12-27 00:56 . 2009-12-03 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9 2009-12-27 00:51 . 2008-05-18 15:33 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software 2009-12-20 03:05 . 2004-08-05 12:00 85688 ----a-w- c:\windows\system32\perfc00C.dat 2009-12-20 03:05 . 2004-08-05 12:00 511596 ----a-w- c:\windows\system32\perfh00C.dat 2009-12-19 18:54 . 2009-07-08 00:22 -------- d-----w- c:\program files\Google 2009-12-18 23:27 . 2008-11-02 22:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Kodak 2009-12-18 02:38 . 2009-12-18 02:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Gamers Digital 2009-12-18 02:38 . 2009-12-18 02:38 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Gamers Digital 2009-12-18 01:00 . 2009-12-18 01:00 -------- d-----w- c:\documents and settings\LocalService\Application Data\TuneUp Software 2009-12-18 00:00 . 2009-12-18 00:00 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} 2009-12-17 02:39 . 2009-12-17 02:31 -------- d-----w- c:\program files\RegSeeker 2009-12-17 01:45 . 2009-12-17 01:45 -------- d-----w- c:\program files\Lavalys 2009-12-17 01:37 . 2009-12-17 01:36 16384 ----a-w- c:\windows\system32\lgfwunis.exe 2009-12-17 01:30 . 2006-01-03 20:00 -------- d-----w- c:\program files\Fichiers communs\Ahead 2009-12-17 01:28 . 2009-12-17 01:28 -------- d-----w- c:\program files\Fichiers communs\LightScribe 2009-12-17 01:25 . 2006-01-03 20:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead 2009-12-17 01:23 . 2009-12-17 01:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero 2009-12-17 01:23 . 2009-12-17 01:23 -------- d-----w- c:\program files\Nero 2009-12-17 01:05 . 2009-05-16 03:55 -------- d-----w- c:\program files\CyberLink 2009-12-17 00:41 . 2009-12-17 00:35 -------- d-----w- c:\program files\RegGenie 2009-12-16 23:20 . 2009-12-16 23:20 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Uniblue 2009-12-16 03:37 . 2009-12-16 03:37 -------- d-----w- c:\documents and settings\All Users\Application Data\rionix 2009-12-15 20:20 . 2009-12-15 20:20 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters 2009-12-13 02:32 . 2009-12-13 02:31 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Enlightenus 2009-12-13 02:11 . 2008-12-27 05:36 -------- d-----w- c:\documents and settings\All Users\Application Data\BigFishGamesCache 2009-12-12 02:38 . 2008-12-29 02:38 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Alawar 2009-12-11 03:28 . 2009-07-01 20:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Merscom 2009-12-09 02:22 . 2009-12-09 02:21 -------- d-----w- c:\documents and settings\Administrateur\Application Data\MastersOfMystery2 2009-12-08 04:15 . 2009-12-08 04:15 -------- d-----w- c:\documents and settings\Administrateur\Application Data\VampireSaga 2009-12-03 23:05 . 2009-12-03 23:05 -------- d-----w- c:\documents and settings\All Users\Application Data\SOS 2009-12-03 13:39 . 2009-08-27 19:37 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-12-03 02:28 . 2009-11-07 02:30 -------- d-----w- c:\program files\AIDA32 - Enterprise System Information 2009-11-30 05:57 . 2009-04-13 23:53 -------- d-----w- c:\program files\Oberon Media 2009-11-28 02:56 . 2008-05-16 02:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Fugazo 2009-11-27 21:30 . 2009-11-27 21:30 604488 ----a-w- c:\windows\system32\TUProgSt.exe 2009-11-26 05:31 . 2008-09-02 20:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Alawar Stargaze 2009-11-26 05:29 . 2009-11-26 05:29 -------- d-----w- c:\documents and settings\Administrateur\Application Data\WildTangentv1002 2009-11-26 04:04 . 2009-11-26 04:04 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Ph03nixNewMedia 2009-11-26 01:11 . 2009-11-26 01:11 -------- d-----w- c:\documents and settings\Administrateur\Application Data\MA 2009-11-26 00:10 . 2009-02-04 13:28 -------- d-----w- c:\documents and settings\Administrateur\Application Data\GameInvest 2009-11-24 16:00 . 2009-11-24 16:00 -------- d-----w- c:\program files\Apple Software Update 2009-11-24 15:59 . 2009-11-24 15:58 -------- d-----w- c:\program files\QuickTime 2009-11-24 15:58 . 2008-12-02 15:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer 2009-11-21 19:51 . 2009-09-10 22:18 -------- d-----w- c:\documents and settings\Administrateur\Application Data\CameraWindowDC 2009-11-21 06:12 . 2009-10-10 18:23 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Playrix Entertainment 2009-11-20 15:35 . 2009-11-20 15:35 0 ----a-w- c:\documents and settings\Administrateur\errorlog.tmp 2009-11-19 04:57 . 2009-11-19 04:57 -------- d-----w- c:\documents and settings\Administrateur\Application Data\casanova 2009-10-29 07:42 . 2004-08-05 12:00 916480 ------w- c:\windows\system32\wininet.dll 2009-10-21 05:39 . 2004-08-05 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:39 . 2004-08-05 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-05 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2004-07-22 15:51 . 2004-07-22 15:51 3432656 ----a-w- c:\program files\ManagedDX.CAB 2004-07-20 03:58 . 2004-07-20 03:58 1156363 ----a-w- c:\program files\BDANT.cab 2004-07-20 03:53 . 2004-07-20 03:53 976020 ----a-w- c:\program files\BDAXP.cab 2004-07-09 19:17 . 2004-07-09 19:17 13265040 ----a-w- c:\program files\dxnt.cab 2004-07-09 14:13 . 2004-07-09 14:13 15493481 ----a-w- c:\program files\DirectX.cab 2004-07-09 14:13 . 2004-07-09 14:13 703080 ----a-w- c:\program files\BDA.cab 2004-07-09 09:08 . 2004-07-09 09:08 472576 ----a-w- c:\program files\dxsetup.exe 2004-07-09 09:08 . 2004-07-09 09:08 2242560 ----a-w- c:\program files\dsetup32.dll 2004-07-09 08:03 . 2004-07-09 08:03 62976 ----a-w- c:\program files\DSETUP.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-08 39408] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-01-31 98304] "BellCanada_McciTrayApp"="c:\program files\BellCanada\McciTrayApp.exe" [2008-12-07 1471488] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016] "NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-11-26 1629480] "InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-11-26 1057064] "LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2009-12-17 557056] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "nmctxth"="c:\program files\Fichiers communs\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216] "nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\ Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\Logishrd\eReg\SetPoint\eReg.exe [2008-11-7 517384] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-8-27 813584] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2009-07-20 17:28 72208 ----a-w- c:\program files\Fichiers communs\Logitech\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "updateMgr"=c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 "CTFMON.EXE"=c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "ContentTransferWMDetector.exe"=c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\INTERAL\\IMC\\5.0.2.51026\\INTERAL.exe"= "c:\\Program Files\\Netscape\\Communicator\\Program\\netscape.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Sony\\Media Manager for WALKMAN\\MediaManager.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\LANSchool\\Teacher.exe"= "c:\\WINDOWS\\LMI1A.tmp\\lmi_rescue.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6346:TCP"= 6346:TCP:*:Disabled:Shareaza "6346:UDP"= 6346:UDP:*:Disabled:Shareaza R2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\pythonservice.exe [2008-09-24 10240] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-12-26 108289] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-11 54752] R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-08-27 3712] R2 LogWatch;Event Log Watch;c:\program files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248] R3 lsmirror;lsmirror;c:\windows\system32\drivers\lsmirror.sys [2005-11-28 5632] S2 gupdate1c9ff6270c083b4;Service Google Update (gupdate1c9ff6270c083b4);c:\program files\Google\Update\GoogleUpdate.exe [2009-07-07 133104] S3 CA_LIC_CLNT;Client de licence CA;c:\program files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2002-09-20 77824] S3 CA_LIC_SRVR;Serveur de licence CA;c:\program files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [2002-09-20 77824] S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-12-05 17:27 451872 ----a-w- c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe . Contenu du dossier 'Tâches planifiées' 2009-12-12 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34] 2010-01-17 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-08 00:22] 2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-08 00:24] 2010-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-08 00:24] 2010-01-17 c:\windows\Tasks\User_Feed_Synchronization-{0A4F36C1-5DDF-446E-A6B2-D244BDFC27BB}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 08:31] . . ------- Examen supplémentaire ------- . uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms} mSearch Bar = c:\program files\Copernic 2000 Plus\Search Bar.htm mWindow Title = uInternet Settings,ProxyServer = http=127.0.0.1:5555 uInternet Settings,ProxyOverride = <local> IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: Chercher avec Copernic - file://c:\program files\Copernic 2000 Plus\Search Extension.htm IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html Trusted Zone: msn.com\www.ca Trusted Zone: pogo.com\www DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab DPF: High Stakes Pool by pogo - hxxp://game3.pogo.com/v/9.0.1.23/applet/pool2/pool-en_US.cab DPF: Lottso by pogo - hxxp://game3.pogo.com/v/9.0.1.7/applet/lottso/lottso-en_US.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab DPF: Thousand Island Solitaire by pogo - hxxp://game3.pogo.com/v/9.0.1.10/applet/millbrae/millbrae-en_US.cab DPF: Word Search Daily by pogo - hxxp://game3.pogo.com/v/9.0.1.7/applet/wordsearch/wordsearch-en_US.cab . - - - - ORPHELINS SUPPRIMES - - - - URLSearchHooks-{0BC6E3FA-78EF-4886-842C-5A1258C4455A} - (no file) ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-17 02:56 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-682003330-1606980848-725345543-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2d,8f,25,52,36,6a,d9,42,b2,52,44,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2d,8f,25,52,36,6a,d9,42,b2,52,44,\ "6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,00,c4,f6,eb,0f,91,0b,49,82,36,70,\ [HKEY_USERS\S-1-5-21-682003330-1606980848-725345543-500\Software\SecuROM\License information*] "datasecu"=hex:88,47,76,dc,2e,29,b0,e8,4b,c1,84,71,bd,a5,7f,f3,bd,07,61,4c,2b, 01,57,db,47,4e,63,00,5a,fd,b1,a6,e7,b1,e0,75,a0,ae,b8,a0,49,4b,8e,23,6b,6a,\ "rkeysecu"=hex:b3,a6,db,3c,87,0c,3e,99,24,5e,0d,1c,06,b7,47,de [HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\RealJukebox\1.0\Preferences\AURestartRecover] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\RealJukebox\1.0\Preferences\DisplayName] @DACL=(02 0000) @="RealPlayer" [HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\RealJukebox\1.0\Preferences\MainApp] @DACL=(02 0000) @="c:\\Program Files\\Real\\RealPlayer\\realjbox.exe" [HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\Update\6.0\Preferences\Components\Free:6.0\File38\ACCESSPOINT] @DACL=(02 0000) @="QUICKLAUNCH" [HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\Update\6.0\Preferences\Components\Free:6.0\File39\ACCESSPOINT] @DACL=(02 0000) @="DESKTOP" [HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\Update\6.0\Preferences\Components\gtoolbar:6.3\File0\OCX] @DACL=(02 0000) @="" [HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\Update\6.0\Preferences\Components\gtoolbar:6.3\File0\Version] @DACL=(02 0000) @="2.0.0.8" [HKEY_LOCAL_MACHINE\software\ICopyDVDs2\ICopyDVDs2\Drive] @DACL=(02 0000) "drivename"="3:1:0 - LITE-ON DVDRW SOHW-1693S KS06 [D] (Ide)" "driveid"="0" [HKEY_LOCAL_MACHINE\software\ICopyDVDs2\ICopyDVDs2\Settings] @DACL=(02 0000) "promocode"="" "affiliate"="" [HKEY_LOCAL_MACHINE\software\INTERSOLV\ODBC] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\McAfee\VirusScan] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*] "OODEFRAG08.00.00.01WORKSTATION"="89E1BC46D30EC21551AD1F44EE43A235E9491516BFE007A5459CB868C63F405D4D709C4CEB5 EBF3ACCB8571E44FACCEAA57D57FAB3BB8374D0CA9047D66A223A353371C540BFAE1FCCE2AABC063C E53397C149AE9B14FAF4E0A7232000A8A51AD31B866CBC1488F4DE2649AC2B425CDF6ABAA1B01B1EF 1375C214983B44786F06A7DFA813E615B33C1613A80A06D32867BECE883CA3181955D06B2845AB68F F6F114C4CA96D1CA106C56D4CDC3BE7F835CC6FDADB6C9D5A9328CE1BBC70CA32915FB29118D320C8 B05ABC62D685E6FF1D1951139DE082F535E4B2EC4CB00384634B6C41F5BF6E86469EB8FBE5416C137 FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CF EBC9E127BECC74CA6A0AC4980AC79339DB7CE019D40AA5CFEBC9E127BECC74C9DB7CE019D40AA5CBB C3E8BA63203E2C04726B79DC5B2954874BB59F32DC81873E19BE499A62EBBD142808BA64B10459C39 62A4540B38C9295B9ABC2E29F72F9DD90AB146D329A83D042D5BF2A7A8427A9B530931B373A0D1F2F AF5A54BA8CD0A60822A928E92D490AEC66AC28C684ED49B176966C09E8BDD3B53E9030C99E4708D2C 3C1443FA32C0CE2A0ECC382D7CA6C524A8A266F65E21ABC2A0C990E865B24AA88192F0A940C54C8C0 6957BFE91F0F40CBACB1D58D7E0B9999FEA26A3AD1D1AA3BEE48C72A0D99A1D51531343990E20B6FB E674BD5D674010699D4E6C0B09B557A06E6999F17405744E4123BD608CA25FD059883C4F458103D93 2BAFB743408C392753C3C5D5E5B6C351B1D1EA32DF64954B0753F4296B4560A895944E9832993D1DC 9B005BAD87260D4B79AAD006F82A55D69B6188398056615F7094A05162A2238FB6B53F81E9FF97344 D9EE28F820F38EEB4DEEDBFA95189CABA5029D49CCD64B0E254109EB37C2AFE97A902131BD97B22DD 8D1CAE52493077BA5E1BFD9771E2F9A34ECA6AD1745912D0A88AB8043FE243F412C2F5F3DC91EA86A 6C8908018E3EAD908CD203005AA8083BE04684796AC12B8FFC2C1F57823064F533DDCC27125AC756E AD1C019B30268E3B9368C8FEE6C6A75D6A69348558F5A7161E4510A69E35FC7632A6DE8D3B5B17CC2 859D17F488EB4363C85ECB319325A7300875ADA545DB49692AC45E9459392544817008B90193715B0 1D5005897530AF1F74AFA2EE81CE200DF354B1F0C481D173AF03CCC44381B0F8202E9DF786AAA8928 173CBCBE6FC2C121E3E4F56D1ECCA906417114C124FDE1C1A0F0329A6243F04ED625623A1CB95A842 8C3EA21EB3D00FC33CAC77096FDC9F8A3DF0B63A7AEB265B54800D3D9BB0EE70CE62551D71BAE7D51 CD754BC321D42831667E3E99EBEF2E1A9F4D06D7E22FEA50AEA2AA7B3A60275866FCCC51929F0FA19 871990C215D2B1705D45035EAA8F0" [HKEY_LOCAL_MACHINE\software\Oracle\ALL_HOMES] @Class="Application Global Data" @DACL=(02 0000) "HOME_COUNTER"="2" "DEFAULT_HOME"="DevSuiteHome" "LAST_HOME"="1" [HKEY_LOCAL_MACHINE\software\Oracle\iSuites] @Class="Application Global Data" @DACL=(02 0000) "MDAC Session Update Status"="Complete" [HKEY_LOCAL_MACHINE\software\Tidestone Technologies\Formula One] @DACL=(02 0000) . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1148) c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll c:\program files\fichiers communs\logitech\bluetooth\LBTServ.dll - - - - - - - > 'explorer.exe'(164) c:\program files\Logitech\SetPoint\GameHook.dll c:\program files\Logitech\SetPoint\lgscroll.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\eappprxy.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Google\Update\1.2.183.13\GoogleCrashHandler.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\drivers\CDAC11BA.EXE c:\program files\Nero\Nero 7\InCD\InCDsrv.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Fichiers communs\LightScribe\LSSrvc.exe c:\program files\Common Files\Motive\McciCMService.exe c:\windows\system32\nvsvc32.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Analog Devices\SoundMAX\SMAgent.exe c:\windows\System32\TUProgSt.exe c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\program files\Fichiers communs\Pure Networks Shared\Platform\nmsrvc.exe c:\program files\Canon\CAL\CALMAIN.exe c:\windows\system32\RUNDLL32.EXE c:\program files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE c:\windows\system32\wbem\wmiapsrv.exe . ************************************************************************** . Heure de fin: 2010-01-17 03:09:32 - La machine a redémarré ComboFix-quarantined-files.txt 2010-01-17 08:09 ComboFix2.txt 2010-01-15 01:47 Avant-CF: 23 611 289 600 octets libres Après-CF: 23 592 742 912 octets libres - - End Of File - - 071468CA84B75B8FD55140DC94D502D9

Voici le rapport!! ComboFix 10-01-14.02 - Administrateur 2010-01-14 20:20:23.1.1 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.2.1036.18.1279.785 [GMT -5:00] Lancé depuis: c:\documents and settings\Administrateur\Bureau\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Administrateur\Application Data\.# c:\program files\INSTALL.LOG c:\program files\VisualTool c:\program files\VisualTool\pcre3.dll c:\program files\VisualTool\uninstall.exe C:\s c:\windows\7673d9ac.ocx c:\windows\80f54c17.ocx c:\windows\85a58256.ocx c:\windows\c4e7b72c.ocx c:\windows\Downloaded Program Files\popcaploader.inf c:\windows\system32\11478.exe c:\windows\system32\11942.exe c:\windows\system32\12382.exe c:\windows\system32\14604.exe c:\windows\system32\153.exe c:\windows\system32\15724.exe c:\windows\system32\16827.exe c:\windows\system32\17421.exe c:\windows\system32\18467.exe c:\windows\system32\18716.exe c:\windows\system32\19169.exe c:\windows\system32\19718.exe c:\windows\system32\23281.exe c:\windows\system32\24464.exe c:\windows\system32\26500.exe c:\windows\system32\26962.exe c:\windows\system32\28145.exe c:\windows\system32\292.exe c:\windows\system32\29358.exe c:\windows\system32\2995.exe c:\windows\system32\32391.exe c:\windows\system32\3902.exe c:\windows\system32\4827.exe c:\windows\system32\491.exe c:\windows\system32\5436.exe c:\windows\system32\5705.exe c:\windows\system32\6334.exe c:\windows\system32\7158fcfb.ocx c:\windows\system32\92cb8819.ocx c:\windows\system32\9961.exe c:\windows\system32\ef841279.ocx c:\windows\system32\system c:\windows\system32\system\FM20.DLL c:\windows\system32\system\FM20ENU.DLL c:\windows\system32\system\hlp95en.dll c:\windows\system32\system\RICHED20.DLL c:\windows\system32\system\SCP32.DLL c:\windows\system32\system\VBAME.DLL c:\windows\winhelp.ini . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_BOONTY_GAMES -------\Service_Boonty Games ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-15 au 2010-01-15 )))))))))))))))))))))))))))))))))))) . 2010-01-13 21:15 . 2010-01-13 21:15 -------- d-----w- c:\program files\Pure Networks 2010-01-13 21:14 . 2010-01-13 21:14 -------- d-----w- c:\program files\WebEx 2010-01-13 21:14 . 2009-07-07 19:48 25392 ----a-w- c:\windows\system32\drivers\pnarp.sys 2010-01-13 21:13 . 2009-07-07 19:48 26672 ----a-w- c:\windows\system32\drivers\purendis.sys 2010-01-13 21:13 . 2010-01-13 21:13 -------- d-----w- c:\program files\Fichiers communs\Pure Networks Shared 2010-01-13 21:12 . 2010-01-13 21:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Pure Networks 2010-01-11 22:12 . 2010-01-11 22:48 -------- d-----w- c:\documents and settings\All Users\Application Data\FarmFrenzy3_America 2010-01-10 21:03 . 2010-01-10 21:03 -------- d-----w- c:\documents and settings\Administrateur\Application Data\iMaxGen 2010-01-08 01:35 . 2010-01-08 01:35 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Leadertech 2010-01-08 01:34 . 2010-01-08 01:37 -------- d-----w- c:\documents and settings\All Users\Application Data\LogiShrd 2010-01-08 01:32 . 2009-07-20 17:25 301656 ----a-w- c:\windows\system32\BtCoreIf.dll 2010-01-08 01:31 . 2010-01-08 01:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech 2010-01-08 01:31 . 2010-01-08 01:35 -------- d-----w- c:\program files\Fichiers communs\Logishrd 2010-01-06 21:04 . 2010-01-06 21:51 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-01-06 20:48 . 2010-01-06 20:48 -------- d-----w- c:\documents and settings\All Users\Application Data\LightScribe 2010-01-06 04:13 . 2010-01-06 04:13 -------- d-----w- c:\documents and settings\All Users\Application Data\EscapeTheMuseum2 2010-01-05 01:49 . 2010-01-05 01:49 -------- d-----r- c:\documents and settings\LocalService\Favoris 2010-01-04 22:30 . 2010-01-06 22:54 -------- d-----w- C:\ToolBar SD 2009-12-27 04:40 . 2009-12-27 04:42 -------- d-----r- c:\documents and settings\LocalService\Mes documents 2009-12-27 03:13 . 2009-12-27 03:13 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Pogo Games 2009-12-27 02:37 . 2009-11-25 16:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-12-27 02:37 . 2009-03-30 14:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-12-27 02:37 . 2009-02-13 16:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2009-12-27 02:37 . 2009-02-13 16:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2009-12-27 02:37 . 2010-01-07 22:36 -------- d-----w- c:\program files\Avira 2009-12-27 02:37 . 2009-12-27 02:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2009-12-27 02:26 . 2010-01-13 00:41 -------- d-----w- c:\program files\trend micro 2009-12-23 02:49 . 2009-12-27 02:27 -------- d-----w- C:\rsit 2009-12-23 02:45 . 2009-12-27 02:47 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\qbeege 2009-12-21 22:58 . 2009-12-21 22:58 -------- d-----w- C:\SOPHTEMP 2009-12-19 22:32 . 2009-12-20 03:46 -------- d-----w- C:\FindyKill 2009-12-19 21:41 . 2009-12-19 21:41 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes 2009-12-19 21:41 . 2009-12-30 19:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-19 21:41 . 2009-12-30 19:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-19 21:41 . 2010-01-06 22:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-19 21:41 . 2009-12-19 21:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-12-19 04:36 . 2009-12-19 04:36 552 ----a-w- c:\windows\system32\d3d8caps.dat 2009-12-18 22:42 . 2009-12-18 22:43 664 ----a-w- c:\windows\system32\d3d9caps.dat 2009-12-18 20:06 . 2009-12-27 02:47 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\ccsfho 2009-12-18 20:05 . 2009-12-18 20:05 1307 ----a-w- C:\dror.exe 2009-12-18 02:38 . 2009-12-18 02:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Gamers Digital 2009-12-18 02:38 . 2009-12-18 02:38 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Gamers Digital 2009-12-18 01:00 . 2009-12-18 01:00 -------- d-----w- c:\documents and settings\LocalService\Application Data\TuneUp Software 2009-12-18 00:00 . 2009-12-18 00:00 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} 2009-12-17 04:46 . 2009-12-17 04:46 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\ICS 2009-12-17 04:46 . 2009-12-17 04:46 -------- d-----w- c:\windows\LMI1A.tmp 2009-12-17 04:45 . 2009-12-17 04:45 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Deployment 2009-12-17 02:31 . 2009-12-17 02:39 -------- d-----w- c:\program files\RegSeeker 2009-12-17 01:45 . 2009-12-17 01:45 -------- d-----w- c:\program files\Lavalys 2009-12-17 01:36 . 2009-12-17 01:37 16384 ----a-w- c:\windows\system32\lgfwunis.exe 2009-12-17 01:36 . 1998-07-22 05:00 102160 ----a-w- c:\windows\system32\VB6KO.DLL 2009-12-17 01:36 . 2010-01-15 01:31 -------- d-----w- c:\program files\lg_fwupdate 2009-12-17 01:28 . 2009-12-17 01:28 -------- d-----w- c:\program files\Fichiers communs\LightScribe 2009-12-17 01:28 . 2009-12-17 01:28 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Ahead 2009-12-17 01:23 . 2009-12-17 01:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero 2009-12-17 01:23 . 2009-12-17 01:23 -------- d-----w- c:\program files\Nero 2009-12-17 00:35 . 2009-12-17 00:41 -------- d-----w- c:\program files\RegGenie 2009-12-16 23:20 . 2009-12-16 23:20 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Uniblue 2009-12-16 03:37 . 2009-12-16 03:37 -------- d-----w- c:\documents and settings\All Users\Application Data\rionix . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-15 00:50 . 2006-12-21 15:52 -------- d-----w- c:\program files\Common Files 2010-01-13 21:17 . 2008-04-11 21:40 38168 -c--a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-01-13 21:14 . 2010-01-13 21:14 8892928 ----a-w- c:\documents and settings\All Users\Application Data\atscie.msi 2010-01-10 21:02 . 2009-07-14 03:15 -------- d-----w- c:\program files\WildGames 2010-01-09 04:29 . 2009-07-14 03:15 -------- d-----w- c:\documents and settings\All Users\Application Data\WildTangent 2010-01-08 01:34 . 2010-01-08 01:34 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf 2010-01-08 01:33 . 2010-01-08 01:33 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf 2010-01-08 01:33 . 2010-01-08 01:33 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2010-01-08 01:32 . 2009-08-27 20:33 -------- d-----w- c:\program files\Fichiers communs\Logitech 2010-01-08 01:31 . 2005-05-17 20:14 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-01-07 05:57 . 2008-08-23 03:44 -------- d-----w- c:\documents and settings\All Users\Application Data\MumboJumbo 2010-01-07 02:24 . 2008-08-12 02:29 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Friday's games 2010-01-06 22:36 . 2008-04-04 14:19 -------- d-----w- c:\documents and settings\Administrateur\Application Data\U3 2010-01-06 22:01 . 2008-05-18 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-01-06 03:27 . 2008-05-24 01:27 -------- d-----w- c:\documents and settings\Administrateur\Application Data\PlayFirst 2009-12-27 23:04 . 2008-12-04 03:32 -------- d-----w- c:\documents and settings\Administrateur\Application Data\LimeWire 2009-12-27 03:21 . 2009-09-10 22:16 -------- d-----w- c:\documents and settings\Administrateur\Application Data\ZoomBrowser EX 2009-12-27 03:17 . 2008-04-20 21:41 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-12-27 01:02 . 2009-11-27 21:30 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2009-12-27 00:58 . 2009-08-27 01:55 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip 2009-12-27 00:56 . 2009-12-03 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9 2009-12-27 00:51 . 2008-05-18 15:33 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software 2009-12-20 03:05 . 2004-08-05 12:00 85688 ----a-w- c:\windows\system32\perfc00C.dat 2009-12-20 03:05 . 2004-08-05 12:00 511596 ----a-w- c:\windows\system32\perfh00C.dat 2009-12-19 18:54 . 2009-07-08 00:22 -------- d-----w- c:\program files\Google 2009-12-18 23:27 . 2008-11-02 22:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Kodak 2009-12-17 01:30 . 2006-01-03 20:00 -------- d-----w- c:\program files\Fichiers communs\Ahead 2009-12-17 01:25 . 2006-01-03 20:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead 2009-12-17 01:05 . 2009-05-16 03:55 -------- d-----w- c:\program files\CyberLink 2009-12-15 20:20 . 2009-12-15 20:20 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters 2009-12-13 02:32 . 2009-12-13 02:31 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Enlightenus 2009-12-13 02:11 . 2008-12-27 05:36 -------- d-----w- c:\documents and settings\All Users\Application Data\BigFishGamesCache 2009-12-12 02:38 . 2008-12-29 02:38 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Alawar 2009-12-11 03:28 . 2009-07-01 20:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Merscom 2009-12-09 02:22 . 2009-12-09 02:21 -------- d-----w- c:\documents and settings\Administrateur\Application Data\MastersOfMystery2 2009-12-08 04:15 . 2009-12-08 04:15 -------- d-----w- c:\documents and settings\Administrateur\Application Data\VampireSaga 2009-12-03 23:05 . 2009-12-03 23:05 -------- d-----w- c:\documents and settings\All Users\Application Data\SOS 2009-12-03 13:39 . 2009-08-27 19:37 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-12-03 02:28 . 2009-11-07 02:30 -------- d-----w- c:\program files\AIDA32 - Enterprise System Information 2009-11-30 05:57 . 2009-04-13 23:53 -------- d-----w- c:\program files\Oberon Media 2009-11-28 02:56 . 2008-05-16 02:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Fugazo 2009-11-27 21:30 . 2009-11-27 21:30 604488 ----a-w- c:\windows\system32\TUProgSt.exe 2009-11-26 05:31 . 2008-09-02 20:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Alawar Stargaze 2009-11-26 05:29 . 2009-11-26 05:29 -------- d-----w- c:\documents and settings\Administrateur\Application Data\WildTangentv1002 2009-11-26 04:04 . 2009-11-26 04:04 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Ph03nixNewMedia 2009-11-26 01:11 . 2009-11-26 01:11 -------- d-----w- c:\documents and settings\Administrateur\Application Data\MA 2009-11-26 00:10 . 2009-02-04 13:28 -------- d-----w- c:\documents and settings\Administrateur\Application Data\GameInvest 2009-11-24 16:00 . 2009-11-24 16:00 -------- d-----w- c:\program files\Apple Software Update 2009-11-24 15:59 . 2009-11-24 15:58 -------- d-----w- c:\program files\QuickTime 2009-11-24 15:58 . 2008-12-02 15:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer 2009-11-21 19:51 . 2009-09-10 22:18 -------- d-----w- c:\documents and settings\Administrateur\Application Data\CameraWindowDC 2009-11-21 06:12 . 2009-10-10 18:23 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Playrix Entertainment 2009-11-20 15:35 . 2009-11-20 15:35 0 ----a-w- c:\documents and settings\Administrateur\errorlog.tmp 2009-11-19 04:57 . 2009-11-19 04:57 -------- d-----w- c:\documents and settings\Administrateur\Application Data\casanova 2009-11-18 03:54 . 2009-11-18 03:54 -------- d-----w- c:\documents and settings\All Users\Application Data\GOA 2009-11-18 03:54 . 2009-11-18 03:54 -------- d-----w- c:\documents and settings\Administrateur\Application Data\GOA 2009-11-17 14:30 . 2009-11-16 23:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion 2009-11-17 01:16 . 2008-05-24 01:27 -------- d-----w- c:\documents and settings\All Users\Application Data\PlayFirst 2009-11-16 23:13 . 2009-11-16 23:13 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Freezetag 2009-11-16 23:10 . 2009-11-16 23:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! 2009-11-16 23:10 . 2009-11-16 23:03 -------- d-----w- c:\program files\Yahoo! 2009-11-16 23:04 . 2009-11-16 23:04 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Yahoo! 2009-10-29 07:42 . 2004-08-05 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2009-10-21 05:39 . 2004-08-05 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:39 . 2004-08-05 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-05 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2004-07-22 15:51 . 2004-07-22 15:51 3432656 ----a-w- c:\program files\ManagedDX.CAB 2004-07-20 03:58 . 2004-07-20 03:58 1156363 ----a-w- c:\program files\BDANT.cab 2004-07-20 03:53 . 2004-07-20 03:53 976020 ----a-w- c:\program files\BDAXP.cab 2004-07-09 19:17 . 2004-07-09 19:17 13265040 ----a-w- c:\program files\dxnt.cab 2004-07-09 14:13 . 2004-07-09 14:13 15493481 ----a-w- c:\program files\DirectX.cab 2004-07-09 14:13 . 2004-07-09 14:13 703080 ----a-w- c:\program files\BDA.cab 2004-07-09 09:08 . 2004-07-09 09:08 472576 ----a-w- c:\program files\dxsetup.exe 2004-07-09 09:08 . 2004-07-09 09:08 2242560 ----a-w- c:\program files\dsetup32.dll 2004-07-09 08:03 . 2004-07-09 08:03 62976 ----a-w- c:\program files\DSETUP.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{0BC6E3FA-78EF-4886-842C-5A1258C4455A}"= "c:\program files\AGI\common\agcutils.dll" [2010-01-15 43520] [HKEY_CLASSES_ROOT\clsid\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}] [HKEY_CLASSES_ROOT\agcutils.AGSearchHook.1] [HKEY_CLASSES_ROOT\TypeLib\{647B16D8-AD7B-4983-82D7-82A270FC9E6D}] [HKEY_CLASSES_ROOT\agcutils.AGSearchHook] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}] 2009-08-11 13:13 277648 ----a-w- c:\program files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"= "c:\program files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll" [2009-08-11 277648] [HKEY_CLASSES_ROOT\clsid\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}] [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1] [HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}] [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"= "c:\program files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll" [2009-08-11 277648] [HKEY_CLASSES_ROOT\clsid\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}] [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1] [HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}] [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-08 39408] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-01-31 98304] "BellCanada_McciTrayApp"="c:\program files\BellCanada\McciTrayApp.exe" [2008-12-07 1471488] "KiweeHook"="c:\program files\Kiwee Toolbar\2.9.201\kwtbaim.exe" [2009-08-11 56456] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088] "nwiz"="nwiz.exe" [2008-05-03 1630208] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 86016] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792] "NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-11-26 1629480] "InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-11-26 1057064] "LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2009-12-17 557056] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "nmctxth"="c:\program files\Fichiers communs\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216] "nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\ Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\Logishrd\eReg\SetPoint\eReg.exe [2008-11-7 517384] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-8-27 813584] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2009-07-20 17:28 72208 ----a-w- c:\program files\Fichiers communs\Logitech\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "updateMgr"=c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 "CTFMON.EXE"=c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "KiweeHook"=c:\program files\Kiwee Toolbar\2.8.167\kwtbaim.exe "ContentTransferWMDetector.exe"=c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\INTERAL\\IMC\\5.0.2.51026\\INTERAL.exe"= "c:\\Program Files\\Netscape\\Communicator\\Program\\netscape.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Sony\\Media Manager for WALKMAN\\MediaManager.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\LANSchool\\Teacher.exe"= "c:\\WINDOWS\\LMI1A.tmp\\lmi_rescue.exe"= "c:\program files\Fichiers communs\Pure Networks Shared\Platform\nmsrvc.exe"= c:\program files\Fichiers communs\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6346:TCP"= 6346:TCP:*:Disabled:Shareaza "6346:UDP"= 6346:UDP:*:Disabled:Shareaza R2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\pythonservice.exe [2008-09-24 10240] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-12-26 108289] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-11 54752] R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-08-27 3712] R2 LogWatch;Event Log Watch;c:\program files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248] R3 lsmirror;lsmirror;c:\windows\system32\drivers\lsmirror.sys [2005-11-28 5632] S2 gupdate1c9ff6270c083b4;Service Google Update (gupdate1c9ff6270c083b4);c:\program files\Google\Update\GoogleUpdate.exe [2009-07-07 133104] S3 CA_LIC_CLNT;Client de licence CA;c:\program files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2002-09-20 77824] S3 CA_LIC_SRVR;Serveur de licence CA;c:\program files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [2002-09-20 77824] S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-12-05 17:27 451872 ----a-w- c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe . Contenu du dossier 'Tâches planifiées' 2009-12-12 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34] 2010-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-08 00:24] 2010-01-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-08 00:24] 2010-01-14 c:\windows\Tasks\User_Feed_Synchronization-{0A4F36C1-5DDF-446E-A6B2-D244BDFC27BB}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 08:31] . . ------- Examen supplémentaire ------- . uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms} mSearch Bar = c:\program files\Copernic 2000 Plus\Search Bar.htm mWindow Title = uInternet Settings,ProxyServer = http=127.0.0.1:5555 uInternet Settings,ProxyOverride = <local> IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: Chercher avec Copernic - file://c:\program files\Copernic 2000 Plus\Search Extension.htm IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html Trusted Zone: msn.com\www.ca Trusted Zone: pogo.com\www DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab DPF: High Stakes Pool by pogo - hxxp://game3.pogo.com/v/9.0.1.23/applet/pool2/pool-en_US.cab DPF: Lottso by pogo - hxxp://game3.pogo.com/v/9.0.1.7/applet/lottso/lottso-en_US.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab DPF: Thousand Island Solitaire by pogo - hxxp://game3.pogo.com/v/9.0.1.10/applet/millbrae/millbrae-en_US.cab DPF: Word Search Daily by pogo - hxxp://game3.pogo.com/v/9.0.1.7/applet/wordsearch/wordsearch-en_US.cab . - - - - ORPHELINS SUPPRIMES - - - - Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) AddRemove-VisualTool - c:\program files\VisualTool\uninstall.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-14 20:32 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-682003330-1606980848-725345543-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2d,8f,25,52,36,6a,d9,42,b2,52,44,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2d,8f,25,52,36,6a,d9,42,b2,52,44,\ "6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,00,c4,f6,eb,0f,91,0b,49,82,36,70,\ [HKEY_USERS\S-1-5-21-682003330-1606980848-725345543-500\Software\SecuROM\License information*] "datasecu"=hex:88,47,76,dc,2e,29,b0,e8,4b,c1,84,71,bd,a5,7f,f3,bd,07,61,4c,2b, 01,57,db,47,4e,63,00,5a,fd,b1,a6,e7,b1,e0,75,a0,ae,b8,a0,49,4b,8e,23,6b,6a,\ "rkeysecu"=hex:b3,a6,db,3c,87,0c,3e,99,24,5e,0d,1c,06,b7,47,de [HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\RealJukebox\1.0\Preferences\AURestartRecover] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\RealJukebox\1.0\Preferences\DisplayName] @DACL=(02 0000) @="RealPlayer" [HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\RealJukebox\1.0\Preferences\MainApp] @DACL=(02 0000) @="c:\\Program Files\\Real\\RealPlayer\\realjbox.exe" [HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\Update\6.0\Preferences\Components\Free:6.0\File38\ACCESSPOINT] @DACL=(02 0000) @="QUICKLAUNCH" [HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\Update\6.0\Preferences\Components\Free:6.0\File39\ACCESSPOINT] @DACL=(02 0000) @="DESKTOP" [HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\Update\6.0\Preferences\Components\gtoolbar:6.3\File0\OCX] @DACL=(02 0000) @="" [HKEY_LOCAL_MACHINE\software\Classes\Software\RealNetworks\Update\6.0\Preferences\Components\gtoolbar:6.3\File0\Version] @DACL=(02 0000) @="2.0.0.8" [HKEY_LOCAL_MACHINE\software\ICopyDVDs2\ICopyDVDs2\Drive] @DACL=(02 0000) "drivename"="3:1:0 - LITE-ON DVDRW SOHW-1693S KS06 [D] (Ide)" "driveid"="0" [HKEY_LOCAL_MACHINE\software\ICopyDVDs2\ICopyDVDs2\Settings] @DACL=(02 0000) "promocode"="" "affiliate"="" [HKEY_LOCAL_MACHINE\software\INTERSOLV\ODBC] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\McAfee\VirusScan] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup] @DACL=(02 0000) [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*] "OODEFRAG08.00.00.01WORKSTATION"="89E1BC46D30EC21551AD1F44EE43A235E9491516BFE007A5459CB868C63F405D4D709C4CEB5 EBF3ACCB8571E44FACCEAA57D57FAB3BB8374D0CA9047D66A223A353371C540BFAE1FCCE2AABC063C E53397C149AE9B14FAF4E0A7232000A8A51AD31B866CBC1488F4DE2649AC2B425CDF6ABAA1B01B1EF 1375C214983B44786F06A7DFA813E615B33C1613A80A06D32867BECE883CA3181955D06B2845AB68F F6F114C4CA96D1CA106C56D4CDC3BE7F835CC6FDADB6C9D5A9328CE1BBC70CA32915FB29118D320C8 B05ABC62D685E6FF1D1951139DE082F535E4B2EC4CB00384634B6C41F5BF6E86469EB8FBE5416C137 FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CF EBC9E127BECC74CA6A0AC4980AC79339DB7CE019D40AA5CFEBC9E127BECC74C9DB7CE019D40AA5CBB C3E8BA63203E2C04726B79DC5B2954874BB59F32DC81873E19BE499A62EBBD142808BA64B10459C39 62A4540B38C9295B9ABC2E29F72F9DD90AB146D329A83D042D5BF2A7A8427A9B530931B373A0D1F2F AF5A54BA8CD0A60822A928E92D490AEC66AC28C684ED49B176966C09E8BDD3B53E9030C99E4708D2C 3C1443FA32C0CE2A0ECC382D7CA6C524A8A266F65E21ABC2A0C990E865B24AA88192F0A940C54C8C0 6957BFE91F0F40CBACB1D58D7E0B9999FEA26A3AD1D1AA3BEE48C72A0D99A1D51531343990E20B6FB E674BD5D674010699D4E6C0B09B557A06E6999F17405744E4123BD608CA25FD059883C4F458103D93 2BAFB743408C392753C3C5D5E5B6C351B1D1EA32DF64954B0753F4296B4560A895944E9832993D1DC 9B005BAD87260D4B79AAD006F82A55D69B6188398056615F7094A05162A2238FB6B53F81E9FF97344 D9EE28F820F38EEB4DEEDBFA95189CABA5029D49CCD64B0E254109EB37C2AFE97A902131BD97B22DD 8D1CAE52493077BA5E1BFD9771E2F9A34ECA6AD1745912D0A88AB8043FE243F412C2F5F3DC91EA86A 6C8908018E3EAD908CD203005AA8083BE04684796AC12B8FFC2C1F57823064F533DDCC27125AC756E AD1C019B30268E3B9368C8FEE6C6A75D6A69348558F5A7161E4510A69E35FC7632A6DE8D3B5B17CC2 859D17F488EB4363C85ECB319325A7300875ADA545DB49692AC45E9459392544817008B90193715B0 1D5005897530AF1F74AFA2EE81CE200DF354B1F0C481D173AF03CCC44381B0F8202E9DF786AAA8928 173CBCBE6FC2C121E3E4F56D1ECCA906417114C124FDE1C1A0F0329A6243F04ED625623A1CB95A842 8C3EA21EB3D00FC33CAC77096FDC9F8A3DF0B63A7AEB265B54800D3D9BB0EE70CE62551D71BAE7D51 CD754BC321D42831667E3E99EBEF2E1A9F4D06D7E22FEA50AEA2AA7B3A60275866FCCC51929F0FA19 871990C215D2B1705D45035EAA8F0" [HKEY_LOCAL_MACHINE\software\Oracle\ALL_HOMES] @Class="Application Global Data" @DACL=(02 0000) "HOME_COUNTER"="2" "DEFAULT_HOME"="DevSuiteHome" "LAST_HOME"="1" [HKEY_LOCAL_MACHINE\software\Oracle\iSuites] @Class="Application Global Data" @DACL=(02 0000) "MDAC Session Update Status"="Complete" [HKEY_LOCAL_MACHINE\software\Tidestone Technologies\Formula One] @DACL=(02 0000) . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1080) c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll c:\program files\fichiers communs\logitech\bluetooth\LBTServ.dll - - - - - - - > 'explorer.exe'(3704) c:\program files\Logitech\SetPoint\GameHook.dll c:\program files\Logitech\SetPoint\lgscroll.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\eappprxy.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\drivers\CDAC11BA.EXE c:\program files\Nero\Nero 7\InCD\InCDsrv.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Google\Update\1.2.183.13\GoogleCrashHandler.exe c:\program files\Fichiers communs\LightScribe\LSSrvc.exe c:\program files\Common Files\Motive\McciCMService.exe c:\windows\system32\nvsvc32.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Analog Devices\SoundMAX\SMAgent.exe c:\windows\System32\TUProgSt.exe c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\program files\Fichiers communs\Pure Networks Shared\Platform\nmsrvc.exe c:\windows\system32\RUNDLL32.EXE c:\program files\Canon\CAL\CALMAIN.exe c:\program files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE c:\windows\system32\wbem\wmiapsrv.exe . ************************************************************************** . Heure de fin: 2010-01-14 20:47:30 - La machine a redémarré ComboFix-quarantined-files.txt 2010-01-15 01:47 Avant-CF: 23 420 571 648 octets libres Après-CF: 23 707 217 920 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect - - End Of File - - E8048B3F7745BE5711F4F11FD1D770E3

Voilà!!!!! Merci encore pour l'aide!!!!! Logfile of random's system information tool 1.06 (written by random/random) Run by Administrateur at 2010-01-12 19:41:56 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 23 GB (60%) free of 38 GB Total RAM: 1279 MB (57% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:42:13, on 2010-01-12 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\System32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\BellCanada\McciTrayApp.exe C:\Program Files\Kiwee Toolbar\2.9.201\kwtbaim.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\Program Files\lg_fwupdate\fwupdate.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\AGI\common\win32\PythonService.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe C:\Program Files\Common Files\Motive\McciCMService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Documents and Settings\Administrateur\Bureau\RSIT.exe C:\Program Files\trend micro\Administrateur.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.msn.com/defaultf.aspx R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = C:\Program Files\Copernic 2000 Plus\Search Bar.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [bellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\2.9.201\kwtbaim.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files\Fichiers communs\Logishrd\eReg\SetPoint\eReg.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Chercher avec Copernic - file://C:\Program Files\Copernic 2000 Plus\Search Extension.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Lancer Copernic - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Copernic - {2A465936-E5F0-11D2-91B5-00104B9C4765} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll O15 - Trusted Zone: http://www.pogo.com O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: High Stakes Pool by pogo - http://game3.pogo.com/v/9.0.1.23/applet/pool2/pool-en_US.cab O16 - DPF: Lottso by pogo - http://game3.pogo.com/v/9.0.1.7/applet/lot...ottso-en_US.cab O16 - DPF: Thousand Island Solitaire by pogo - http://game3.pogo.com/v/9.0.1.10/applet/mi...lbrae-en_US.cab O16 - DPF: Word Search Daily by pogo - http://game3.pogo.com/v/9.0.1.7/applet/wor...earch-en_US.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1208740950546 O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab O16 - DPF: {9b935470-ad4a-11d5-b63e-00c04faedb18} - O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} (DinerDash Control) - http://www.worldwinner.com/games/v50/dinerdash/dinerdash.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photo...ol/MSNPUpld.cab O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe O23 - Service: Service Google Update (gupdate1c9ff6270c083b4) (gupdate1c9ff6270c083b4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 14483 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\Maintenance automatique.job C:\WINDOWS\tasks\User_Feed_Synchronization-{0A4F36C1-5DDF-446E-A6B2-D244BDFC27BB}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-07-30 909040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}] Kiwee Toolbar - C:\Program Files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll [2009-08-11 277648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-02 263280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-14 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Kiwee Toolbar - C:\Program Files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll [2009-08-11 277648] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Barre d'outils - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-07-30 909040] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-01-31 98304] "BellCanada_McciTrayApp"=C:\Program Files\BellCanada\McciTrayApp.exe [2008-12-07 1471488] "KiweeHook"=C:\Program Files\Kiwee Toolbar\2.9.201\kwtbaim.exe [2009-08-11 56456] "Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE [] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088] "nwiz"=nwiz.exe /install [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136] "SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-11-26 1629480] "InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-11-26 1057064] "LGODDFU"=C:\Program Files\lg_fwupdate\fwupdate.exe [2009-12-16 557056] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-07 39408] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage Logitech . Enregistrement du produit.lnk - C:\Program Files\Fichiers communs\Logishrd\eReg\SetPoint\eReg.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\System32\igfxsrvc.dll [2004-09-30 344064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll [2009-07-20 72208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\System32\WgaLogon.dll [2009-03-10 265088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoSetActiveDesktop"=0 "NoActiveDesktopChanges"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoSetActiveDesktop"= "NoActiveDesktopChanges"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer" "C:\Program Files\INTERAL\IMC\5.0.2.51026\INTERAL.exe"="C:\Program Files\INTERAL\IMC\5.0.2.51026\INTERAL.exe:*:Enabled:INTERAL Management Console Application" "C:\Program Files\Netscape\Communicator\Program\netscape.exe"="C:\Program Files\Netscape\Communicator\Program\netscape.exe:*:Enabled:Netscape Navigator" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Sony\Media Manager for WALKMAN\MediaManager.exe"="C:\Program Files\Sony\Media Manager for WALKMAN\MediaManager.exe:*:Enabled:Media Manager for WALKMAN 1.2" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour" "C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Disabled:Kodak Software Updater" "C:\Program Files\LANSchool\Teacher.exe"="C:\Program Files\LANSchool\Teacher.exe:*:Disabled:LanSchool Teacher" "D:\CDS\Nero\Installation\SetupX.exe"="D:\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup" "C:\WINDOWS\LMI1A.tmp\lmi_rescue.exe"="C:\WINDOWS\LMI1A.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue" "C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Disabled:EasyShare" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\LANSchool\Teacher.exe"="C:\Program Files\LANSchool\Teacher.exe:*:Enabled:LanSchool Teacher" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F] shell\AutoRun\command - F:\LaunchU3.exe ======List of files/folders created in the last 1 months====== 2010-01-11 17:12:47 ----D---- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3_America 2010-01-10 16:03:42 ----D---- C:\Documents and Settings\Administrateur\Application Data\iMaxGen 2010-01-07 20:35:02 ----D---- C:\Documents and Settings\Administrateur\Application Data\Leadertech 2010-01-07 20:34:51 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd 2010-01-07 20:33:46 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$ 2010-01-07 20:32:18 ----A---- C:\WINDOWS\system32\BtCoreIf.dll 2010-01-07 20:31:40 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech 2010-01-07 20:31:29 ----D---- C:\Program Files\Fichiers communs\Logishrd 2010-01-06 16:04:50 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-01-06 15:48:38 ----D---- C:\Documents and Settings\All Users\Application Data\LightScribe 2010-01-05 23:13:44 ----D---- C:\Documents and Settings\All Users\Application Data\EscapeTheMuseum2 2010-01-04 17:31:25 ----A---- C:\TB.txt 2010-01-04 17:30:35 ----D---- C:\ToolBar SD 2009-12-26 22:13:16 ----D---- C:\Documents and Settings\Administrateur\Application Data\Pogo Games 2009-12-26 21:37:46 ----D---- C:\Program Files\Avira 2009-12-26 21:37:46 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-12-26 21:26:58 ----D---- C:\Program Files\trend micro 2009-12-26 18:22:03 ----D---- C:\WINDOWS\pss 2009-12-22 21:49:53 ----D---- C:\rsit 2009-12-21 17:58:41 ----D---- C:\SOPHTEMP 2009-12-19 22:00:36 ----A---- C:\FindyKill.txt 2009-12-19 17:32:46 ----D---- C:\FindyKill 2009-12-19 16:41:19 ----D---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes 2009-12-19 16:41:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-12-19 16:41:11 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-12-19 01:24:42 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-12-19 01:06:35 ----A---- C:\WINDOWS\system32\19718.exe 2009-12-19 00:46:35 ----A---- C:\WINDOWS\system32\18716.exe 2009-12-19 00:26:35 ----A---- C:\WINDOWS\system32\17421.exe 2009-12-19 00:06:34 ----A---- C:\WINDOWS\system32\12382.exe 2009-12-18 23:46:34 ----A---- C:\WINDOWS\system32\292.exe 2009-12-18 23:26:34 ----A---- C:\WINDOWS\system32\153.exe 2009-12-18 23:06:34 ----A---- C:\WINDOWS\system32\3902.exe 2009-12-18 22:46:34 ----A---- C:\WINDOWS\system32\14604.exe 2009-12-18 22:26:33 ----A---- C:\WINDOWS\system32\32391.exe 2009-12-18 22:06:32 ----A---- C:\WINDOWS\system32\5436.exe 2009-12-18 21:46:32 ----A---- C:\WINDOWS\system32\4827.exe 2009-12-18 21:26:31 ----A---- C:\WINDOWS\system32\11942.exe 2009-12-18 21:06:31 ----A---- C:\WINDOWS\system32\2995.exe 2009-12-18 20:46:30 ----A---- C:\WINDOWS\system32\491.exe 2009-12-18 20:26:30 ----A---- C:\WINDOWS\system32\9961.exe 2009-12-18 20:06:30 ----A---- C:\WINDOWS\system32\16827.exe 2009-12-18 19:46:29 ----A---- C:\WINDOWS\system32\23281.exe 2009-12-18 19:26:29 ----A---- C:\WINDOWS\system32\28145.exe 2009-12-18 19:06:29 ----A---- C:\WINDOWS\system32\5705.exe 2009-12-18 18:46:28 ----A---- C:\WINDOWS\system32\24464.exe 2009-12-18 18:26:28 ----A---- C:\WINDOWS\system32\26962.exe 2009-12-18 18:06:28 ----A---- C:\WINDOWS\system32\29358.exe 2009-12-18 17:46:28 ----A---- C:\WINDOWS\system32\11478.exe 2009-12-18 17:26:28 ----A---- C:\WINDOWS\system32\15724.exe 2009-12-18 17:06:28 ----A---- C:\WINDOWS\system32\19169.exe 2009-12-18 16:46:28 ----A---- C:\WINDOWS\system32\26500.exe 2009-12-18 16:26:28 ----A---- C:\WINDOWS\system32\6334.exe 2009-12-18 16:06:27 ----A---- C:\WINDOWS\system32\18467.exe 2009-12-18 15:05:06 ----A---- C:\dror.exe 2009-12-17 21:38:46 ----D---- C:\Documents and Settings\All Users\Application Data\Gamers Digital 2009-12-17 21:38:46 ----D---- C:\Documents and Settings\Administrateur\Application Data\Gamers Digital 2009-12-17 19:00:04 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} 2009-12-16 23:46:01 ----D---- C:\WINDOWS\LMI1A.tmp 2009-12-16 21:31:52 ----D---- C:\Program Files\RegSeeker 2009-12-16 21:05:21 ----D---- C:\Program Files\Registry Mechanic 2009-12-16 20:45:54 ----D---- C:\Program Files\Lavalys 2009-12-16 20:36:12 ----A---- C:\WINDOWS\lgfwup.ini 2009-12-16 20:36:07 ----A---- C:\WINDOWS\system32\VB6KO.DLL 2009-12-16 20:36:07 ----A---- C:\WINDOWS\system32\lgfwunis.exe 2009-12-16 20:36:06 ----D---- C:\Program Files\lg_fwupdate 2009-12-16 20:28:46 ----D---- C:\Program Files\Fichiers communs\LightScribe 2009-12-16 20:23:14 ----D---- C:\Program Files\Nero 2009-12-16 20:23:14 ----D---- C:\Documents and Settings\All Users\Application Data\Nero 2009-12-16 20:22:30 ----A---- C:\WINDOWS\system32\d3dx9_30.dll 2009-12-16 20:22:23 ----A---- C:\WINDOWS\system32\d3dx9_28.dll 2009-12-16 19:41:21 ----A---- C:\WINDOWS\RegGenie.ini 2009-12-16 19:35:54 ----D---- C:\Program Files\RegGenie 2009-12-16 18:20:32 ----D---- C:\Documents and Settings\Administrateur\Application Data\Uniblue 2009-12-15 22:37:38 ----D---- C:\Documents and Settings\All Users\Application Data\rionix 2009-12-15 20:03:00 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2009-12-15 18:17:59 ----D---- C:\Documents and Settings\Administrateur\Application Data\WinRAR 2009-12-15 18:17:05 ----D---- C:\Program Files\WinRAR 2009-12-15 15:20:22 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters ======List of files/folders modified in the last 1 months====== 2010-01-12 19:42:03 ----D---- C:\WINDOWS\Prefetch 2010-01-12 19:24:16 ----D---- C:\WINDOWS\Temp 2010-01-12 19:23:42 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-10 18:52:55 ----D---- C:\WINDOWS\network diagnostic 2010-01-10 16:02:38 ----D---- C:\Program Files\WildGames 2010-01-08 23:29:55 ----D---- C:\Documents and Settings\All Users\Application Data\WildTangent 2010-01-07 20:37:57 ----D---- C:\WINDOWS 2010-01-07 20:35:02 ----SHD---- C:\WINDOWS\Installer 2010-01-07 20:35:02 ----SHD---- C:\Config.Msi 2010-01-07 20:34:49 ----D---- C:\WINDOWS\WinSxS 2010-01-07 20:34:28 ----HD---- C:\WINDOWS\inf 2010-01-07 20:34:18 ----D---- C:\WINDOWS\system32\drivers 2010-01-07 20:34:16 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-01-07 20:34:11 ----D---- C:\WINDOWS\system32 2010-01-07 20:32:13 ----D---- C:\Program Files\Fichiers communs\Logitech 2010-01-07 20:31:36 ----HD---- C:\Program Files\InstallShield Installation Information 2010-01-07 20:31:29 ----D---- C:\Program Files\Fichiers communs 2010-01-07 18:37:46 ----RD---- C:\Program Files 2010-01-07 00:57:57 ----D---- C:\Documents and Settings\All Users\Application Data\MumboJumbo 2010-01-06 21:24:53 ----D---- C:\Documents and Settings\Administrateur\Application Data\Friday's games 2010-01-06 19:39:25 ----D---- C:\WINDOWS\Help 2010-01-06 17:36:21 ----D---- C:\Documents and Settings\Administrateur\Application Data\U3 2010-01-06 17:25:34 ----A---- C:\WINDOWS\system.ini 2010-01-06 17:01:22 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-01-06 17:01:13 ----SD---- C:\WINDOWS\Tasks 2010-01-05 22:27:05 ----D---- C:\Documents and Settings\Administrateur\Application Data\PlayFirst 2009-12-27 18:04:56 ----D---- C:\Documents and Settings\Administrateur\Application Data\LimeWire 2009-12-27 15:17:35 ----HD---- C:\WINDOWS\PIF 2009-12-27 15:08:59 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$ 2009-12-26 22:21:29 ----D---- C:\Documents and Settings\Administrateur\Application Data\ZoomBrowser EX 2009-12-26 22:17:39 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-12-26 20:02:09 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe 2009-12-26 19:58:09 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip 2009-12-26 19:57:00 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft 2009-12-26 19:56:55 ----D---- C:\Documents and Settings\All Users\Application Data\avg9 2009-12-26 19:56:21 ----D---- C:\Documents and Settings 2009-12-26 19:51:33 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2009-12-26 18:24:20 ----SH---- C:\boot.ini 2009-12-26 18:24:20 ----A---- C:\WINDOWS\win.ini 2009-12-26 18:20:10 ----SHD---- C:\System Volume Information 2009-12-26 18:20:10 ----D---- C:\WINDOWS\system32\Restore 2009-12-19 22:05:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-12-19 16:57:00 ----SHD---- C:\WINDOWS\CSC 2009-12-19 13:54:46 ----D---- C:\Program Files\Google 2009-12-19 00:40:22 ----D---- C:\WINDOWS\Debug 2009-12-19 00:40:18 ----D---- C:\WINDOWS\Minidump 2009-12-18 18:27:09 ----D---- C:\Documents and Settings\All Users\Application Data\Kodak 2009-12-16 21:13:34 ----D---- C:\WINDOWS\system32\config 2009-12-16 20:30:33 ----D---- C:\Program Files\Fichiers communs\Ahead 2009-12-16 20:25:58 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead 2009-12-16 20:22:32 ----D---- C:\WINDOWS\system32\DirectX 2009-12-16 20:05:13 ----D---- C:\Program Files\CyberLink 2009-12-16 19:35:55 ----RSD---- C:\WINDOWS\Fonts 2009-12-15 20:05:14 ----D---- C:\WINDOWS\AppPatch 2009-12-15 20:01:57 ----HD---- C:\WINDOWS\$hf_mig$ 2009-12-15 15:20:07 ----RSD---- C:\WINDOWS\assembly ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2003-03-06 3840] R1 DcCam;Kodak Camera Proxy; C:\WINDOWS\system32\DRIVERS\DcCam.sys [2005-06-16 37150] R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-11-26 36776] R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-11-26 38440] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-08-14 17005] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816] R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS [] R2 DCFS2K;Kodak DCFS2K Driver; C:\WINDOWS\system32\drivers\dcfs2k.sys [2005-03-31 38673] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2006-09-01 3712] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-13 100224] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-11-21 113152] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2009-06-17 20240] R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2009-06-17 63248] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392] R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2009-06-17 79248] R3 lsmirror;lsmirror; C:\WINDOWS\system32\DRIVERS\lsmirror.sys [2005-11-28 5632] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-03-19 542976] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-11-26 118952] S1 Exportit;Exportit; C:\WINDOWS\system32\DRIVERS\exportit.sys [2005-03-31 152081] S3 DcFpoint;DcFpoint; C:\WINDOWS\system32\DRIVERS\DcFpoint.sys [2005-03-31 61564] S3 DcLps;Legacy Polling Service; C:\WINDOWS\system32\DRIVERS\DcLps.sys [2005-03-31 8022] S3 DcPTP;dcptp; C:\WINDOWS\system32\DRIVERS\DcPTP.sys [2005-03-31 70262] S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [] S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-09-30 752093] S3 LHidKe;SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2006-07-19 27136] S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [] S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [] S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [] S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [] S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73600] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AGWinService;AG Windows Service; C:\Program Files\AGI\common\win32\PythonService.exe [2008-09-24 10240] R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370] R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2008-07-21 54784] R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-11-26 1554728] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-12-05 79136] R2 LogWatch;Event Log Watch; C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248] R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2008-01-31 303104] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-11-27 604488] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392] S2 gupdate1c9ff6270c083b4;Service Google Update (gupdate1c9ff6270c083b4); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-07 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-07 190448] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [] S3 CA_LIC_CLNT;Client de licence CA; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2002-09-20 77824] S3 CA_LIC_SRVR;Serveur de licence CA; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [2002-09-20 77824] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 GameConsoleService;GameConsoleService; C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe [2010-01-04 238328] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 KodakCCS;Kodak Camera Connection Software; C:\WINDOWS\system32\drivers\KodakCCS.exe [2005-03-30 411920] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe [2009-07-20 121360] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040] S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 SerialKeys;SerialKeys; C:\WINDOWS\system32\skeys.exe [2008-04-13 26112] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-12-26 361288] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------

Oui je l'ai fait!!! J'ai juste oublié de le mettre!!! Désoler. -----------\\ ToolBar S&D 1.2.6 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.53GHz ) BIOS : 786B2 v1.10 USER : Administrateur ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.32 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:37 Go (Free:22 Go) D:\ (CD or DVD) E:\ (Local Disk) - NTFS - Total:93 Go (Free:75 Go) "C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 ) Option : [2] ( 2010-01-06|17:51 ) -----------\\ SUPPRESSION Supprime! - C:\Program Files\GamesBar\Localization-French.ini Supprime! - C:\Program Files\GamesBar -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://ca.msn.com/defaultf.aspx" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie" "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}" "Start Page Redirect Cache"="http://sympatico.msn.ca/defaultf.aspx?lang=fr-ca&ocid=iehp" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.msn.com/" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\ADMINI~1\Favoris\EASY CRACKS - the largest cracks keygens and serials database.url C:\DOCUME~1\ADMINI~1\Mes documents\Mes fichiers re‡us\tuneup_utilities_2009_v8_0_2000_35_keygen_only_tun_93813.rar C:\DOCUME~1\ADMINI~1\Mes documents\TuneUp.Utilities.2010.v9.0.2000.16.Keymaker.Only-CORE\keygen.exe C:\DOCUME~1\ALLUSE~1\Application Data\SpecialBit\Haunted Hotel 2\cached\sounds\nearBoiler\WOOD CRACKING 1.wav 1 - "C:\ToolBar SD\TB_1.txt" - 2010-01-04|17:33 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 2010-01-06|17:54 - Option : [2] -----------\\ Fin du rapport a 17:54:34.10

Voici le résultat je crois que c ok!!! Merci beaucoup pour ton aide!!! Malwarebytes' Anti-Malware 1.43 Version de la base de données: 3504 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 2010-01-06 18:09:51 mbam-log-2010-01-06 (18-09-51).txt Type de recherche: Examen rapide Eléments examinés: 112411 Temps écoulé: 11 minute(s), 10 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

Désoler pour le délai!! Voici les résultats -----------\\ ToolBar S&D 1.2.6 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.53GHz ) BIOS : 786B2 v1.10 USER : Administrateur ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.32 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:37 Go (Free:23 Go) D:\ (CD or DVD) E:\ (Local Disk) - NTFS - Total:93 Go (Free:75 Go) "C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 ) Option : [1] ( 2010-01-04|17:31 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\GamesBar C:\Program Files\GamesBar\Localization-French.ini -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://ca.msn.com/defaultf.aspx" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie" "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}" "Start Page Redirect Cache"="http://sympatico.msn.ca/defaultf.aspx?lang=fr-ca&ocid=iehp" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\ADMINI~1\Favoris\EASY CRACKS - the largest cracks keygens and serials database.url C:\DOCUME~1\ADMINI~1\Mes documents\Mes fichiers re‡us\tuneup_utilities_2009_v8_0_2000_35_keygen_only_tun_93813.rar C:\DOCUME~1\ADMINI~1\Mes documents\TuneUp.Utilities.2010.v9.0.2000.16.Keymaker.Only-CORE\keygen.exe C:\DOCUME~1\ALLUSE~1\Application Data\SpecialBit\Haunted Hotel 2\cached\sounds\nearBoiler\WOOD CRACKING 1.wav 1 - "C:\ToolBar SD\TB_1.txt" - 2010-01-04|17:33 - Option : [1] -----------\\ Fin du rapport a 17:33:06.98

Voici le 2 ièmes Logfile of random's system information tool 1.06 (written by random/random) Run by Administrateur at 2009-12-26 21:31:10 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 24 GB (62%) free of 38 GB Total RAM: 1279 MB (57% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:31:59, on 2009-12-26 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\System32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\a-squared Free\a2service.exe C:\Program Files\AGI\common\win32\PythonService.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\BellCanada\McciTrayApp.exe C:\Program Files\Kiwee Toolbar\2.9.201\kwtbaim.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\Program Files\lg_fwupdate\fwupdate.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Motive\McciCMService.exe C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Documents and Settings\Administrateur\Application Data\U3\08C04960A37388F3\LaunchPad.exe C:\WINDOWS\system32\wuauclt.exe G:\RSIT.exe C:\Program Files\trend micro\Administrateur.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.msn.com/defaultf.aspx R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = C:\Program Files\Copernic 2000 Plus\Search Bar.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [bellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\2.9.201\kwtbaim.exe" O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun O4 - HKLM\..\Run: [vhjbarcg] C:\Documents and Settings\Administrateur\Local Settings\Application Data\ccsfho\uxhjsysguard.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sbhtwami] C:\Documents and Settings\Administrateur\Local Settings\Application Data\qbeege\pgtgsysguard.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [vhjbarcg] C:\Documents and Settings\Administrateur\Local Settings\Application Data\ccsfho\uxhjsysguard.exe O4 - HKCU\..\Run: [sbhtwami] C:\Documents and Settings\Administrateur\Local Settings\Application Data\qbeege\pgtgsysguard.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech SetPoint.lnk = ? O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Chercher avec Copernic - file://C:\Program Files\Copernic 2000 Plus\Search Extension.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Lancer Copernic - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Copernic - {2A465936-E5F0-11D2-91B5-00104B9C4765} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll O15 - Trusted Zone: http://www.pogo.com O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: High Stakes Pool by pogo - http://game3.pogo.com/v/9.0.1.23/applet/pool2/pool-en_US.cab O16 - DPF: Lottso by pogo - http://game3.pogo.com/v/9.0.1.7/applet/lot...ottso-en_US.cab O16 - DPF: Thousand Island Solitaire by pogo - http://game3.pogo.com/v/9.0.1.10/applet/mi...lbrae-en_US.cab O16 - DPF: Word Search Daily by pogo - http://game3.pogo.com/v/9.0.1.7/applet/wor...earch-en_US.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1208740950546 O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab O16 - DPF: {9b935470-ad4a-11d5-b63e-00c04faedb18} - O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} (DinerDash Control) - http://www.worldwinner.com/games/v50/dinerdash/dinerdash.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photo...ol/MSNPUpld.cab O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe O23 - Service: Service Google Update (gupdate1c9ff6270c083b4) (gupdate1c9ff6270c083b4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 14683 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\Maintenance automatique.job C:\WINDOWS\tasks\Malwarebytes' Scheduled Scan for Administrateur.job C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Administrateur.job C:\WINDOWS\tasks\User_Feed_Synchronization-{0A4F36C1-5DDF-446E-A6B2-D244BDFC27BB}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-07-30 909040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}] Kiwee Toolbar - C:\Program Files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll [2009-08-11 277648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-02 263280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-14 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - Kiwee Toolbar - C:\Program Files\Kiwee Toolbar\2.9.201\KiweeIEToolbar.dll [2009-08-11 277648] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Barre d'outils - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-07-30 909040] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-02 263280] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-01-31 98304] "BellCanada_McciTrayApp"=C:\Program Files\BellCanada\McciTrayApp.exe [2008-12-07 1471488] "KiweeHook"=C:\Program Files\Kiwee Toolbar\2.9.201\kwtbaim.exe [2009-08-11 56456] "Logitech Hardware Abstraction Layer"=KHALMNPR.EXE [] ""= [] "Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE [] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088] "nwiz"=nwiz.exe /install [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136] "SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-11-26 1629480] "InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-11-26 1057064] "LGODDFU"=C:\Program Files\lg_fwupdate\fwupdate.exe [2009-12-16 557056] "vhjbarcg"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\ccsfho\uxhjsysguard.exe [2009-12-18 250624] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-02-11 399504] "sbhtwami"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\qbeege\pgtgsysguard.exe [2009-12-22 280832] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-07 39408] "LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2007-12-05 2295072] "vhjbarcg"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\ccsfho\uxhjsysguard.exe [2009-12-18 250624] "sbhtwami"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\qbeege\pgtgsysguard.exe [2009-12-22 280832] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\System32\igfxsrvc.dll [2004-09-30 344064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\System32\WgaLogon.dll [2009-03-10 265088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoSetActiveDesktop"=0 "NoActiveDesktopChanges"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoSetActiveDesktop"= "NoActiveDesktopChanges"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer" "C:\Program Files\INTERAL\IMC\5.0.2.51026\INTERAL.exe"="C:\Program Files\INTERAL\IMC\5.0.2.51026\INTERAL.exe:*:Enabled:INTERAL Management Console Application" "C:\Program Files\Netscape\Communicator\Program\netscape.exe"="C:\Program Files\Netscape\Communicator\Program\netscape.exe:*:Enabled:Netscape Navigator" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Sony\Media Manager for WALKMAN\MediaManager.exe"="C:\Program Files\Sony\Media Manager for WALKMAN\MediaManager.exe:*:Enabled:Media Manager for WALKMAN 1.2" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour" "C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Disabled:Kodak Software Updater" "C:\Program Files\LANSchool\Teacher.exe"="C:\Program Files\LANSchool\Teacher.exe:*:Disabled:LanSchool Teacher" "D:\CDS\Nero\Installation\SetupX.exe"="D:\CDS\Nero\Installation\SetupX.exe:*:Enabled:Nero ProductSetup" "C:\WINDOWS\LMI1A.tmp\lmi_rescue.exe"="C:\WINDOWS\LMI1A.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue" "C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Disabled:EasyShare" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\LANSchool\Teacher.exe"="C:\Program Files\LANSchool\Teacher.exe:*:Enabled:LanSchool Teacher" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F] shell\AutoRun\command - F:\LaunchU3.exe ======List of files/folders created in the last 1 months====== 2009-12-26 21:26:58 ----D---- C:\Program Files\trend micro 2009-12-26 18:22:03 ----D---- C:\WINDOWS\pss 2009-12-22 21:49:53 ----D---- C:\rsit 2009-12-21 17:58:41 ----D---- C:\SOPHTEMP 2009-12-19 22:00:36 ----A---- C:\FindyKill.txt 2009-12-19 17:32:46 ----D---- C:\FindyKill 2009-12-19 16:41:19 ----D---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes 2009-12-19 16:41:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-12-19 16:41:11 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-12-19 01:24:42 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-12-19 01:06:35 ----A---- C:\WINDOWS\system32\19718.exe 2009-12-19 00:46:35 ----A---- C:\WINDOWS\system32\18716.exe 2009-12-19 00:26:35 ----A---- C:\WINDOWS\system32\17421.exe 2009-12-19 00:06:34 ----A---- C:\WINDOWS\system32\12382.exe 2009-12-18 23:46:34 ----A---- C:\WINDOWS\system32\292.exe 2009-12-18 23:26:34 ----A---- C:\WINDOWS\system32\153.exe 2009-12-18 23:06:34 ----A---- C:\WINDOWS\system32\3902.exe 2009-12-18 22:46:34 ----A---- C:\WINDOWS\system32\14604.exe 2009-12-18 22:26:33 ----A---- C:\WINDOWS\system32\32391.exe 2009-12-18 22:06:32 ----A---- C:\WINDOWS\system32\5436.exe 2009-12-18 21:46:32 ----A---- C:\WINDOWS\system32\4827.exe 2009-12-18 21:26:31 ----A---- C:\WINDOWS\system32\11942.exe 2009-12-18 21:06:31 ----A---- C:\WINDOWS\system32\2995.exe 2009-12-18 20:46:30 ----A---- C:\WINDOWS\system32\491.exe 2009-12-18 20:26:30 ----A---- C:\WINDOWS\system32\9961.exe 2009-12-18 20:06:30 ----A---- C:\WINDOWS\system32\16827.exe 2009-12-18 19:46:29 ----A---- C:\WINDOWS\system32\23281.exe 2009-12-18 19:26:29 ----A---- C:\WINDOWS\system32\28145.exe 2009-12-18 19:06:29 ----A---- C:\WINDOWS\system32\5705.exe 2009-12-18 18:46:28 ----A---- C:\WINDOWS\system32\24464.exe 2009-12-18 18:26:28 ----A---- C:\WINDOWS\system32\26962.exe 2009-12-18 18:06:28 ----A---- C:\WINDOWS\system32\29358.exe 2009-12-18 17:46:28 ----A---- C:\WINDOWS\system32\11478.exe 2009-12-18 17:26:28 ----A---- C:\WINDOWS\system32\15724.exe 2009-12-18 17:06:28 ----A---- C:\WINDOWS\system32\19169.exe 2009-12-18 16:46:28 ----A---- C:\WINDOWS\system32\26500.exe 2009-12-18 16:26:28 ----A---- C:\WINDOWS\system32\6334.exe 2009-12-18 16:06:27 ----A---- C:\WINDOWS\system32\18467.exe 2009-12-18 15:15:05 ----A---- C:\WINDOWS\system32\41.exe 2009-12-18 15:15:04 ----A---- C:\WINDOWS\system32\AVR10.exe 2009-12-18 15:15:01 ----A---- C:\WINDOWS\system32\winhelper86.dll 2009-12-18 15:05:06 ----A---- C:\dror.exe 2009-12-17 21:38:46 ----D---- C:\Documents and Settings\All Users\Application Data\Gamers Digital 2009-12-17 21:38:46 ----D---- C:\Documents and Settings\Administrateur\Application Data\Gamers Digital 2009-12-17 19:00:04 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} 2009-12-16 23:46:01 ----D---- C:\WINDOWS\LMI1A.tmp 2009-12-16 21:31:52 ----D---- C:\Program Files\RegSeeker 2009-12-16 21:05:21 ----D---- C:\Program Files\Registry Mechanic 2009-12-16 20:45:54 ----D---- C:\Program Files\Lavalys 2009-12-16 20:36:12 ----A---- C:\WINDOWS\lgfwup.ini 2009-12-16 20:36:07 ----A---- C:\WINDOWS\system32\VB6KO.DLL 2009-12-16 20:36:07 ----A---- C:\WINDOWS\system32\lgfwunis.exe 2009-12-16 20:36:06 ----D---- C:\Program Files\lg_fwupdate 2009-12-16 20:28:46 ----D---- C:\Program Files\Fichiers communs\LightScribe 2009-12-16 20:23:14 ----D---- C:\Program Files\Nero 2009-12-16 20:23:14 ----D---- C:\Documents and Settings\All Users\Application Data\Nero 2009-12-16 20:22:30 ----A---- C:\WINDOWS\system32\d3dx9_30.dll 2009-12-16 20:22:23 ----A---- C:\WINDOWS\system32\d3dx9_28.dll 2009-12-16 19:41:21 ----A---- C:\WINDOWS\RegGenie.ini 2009-12-16 19:35:55 ----A---- C:\WINDOWS\RegGenieOnUninstall.exe 2009-12-16 19:35:54 ----D---- C:\Program Files\RegGenie 2009-12-16 18:20:32 ----D---- C:\Documents and Settings\Administrateur\Application Data\Uniblue 2009-12-15 22:37:38 ----D---- C:\Documents and Settings\All Users\Application Data\rionix 2009-12-15 20:03:00 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2009-12-15 18:17:59 ----D---- C:\Documents and Settings\Administrateur\Application Data\WinRAR 2009-12-15 18:17:05 ----D---- C:\Program Files\WinRAR 2009-12-15 15:20:22 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters 2009-12-12 21:31:50 ----D---- C:\Documents and Settings\Administrateur\Application Data\Enlightenus 2009-12-09 17:09:08 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2009-12-09 17:08:47 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2009-12-09 17:07:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2009-12-09 17:07:26 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2009-12-09 17:07:09 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 2009-12-08 21:21:34 ----D---- C:\Documents and Settings\Administrateur\Application Data\MastersOfMystery2 2009-12-07 23:15:09 ----D---- C:\Documents and Settings\Administrateur\Application Data\VampireSaga 2009-12-03 18:05:34 ----D---- C:\Documents and Settings\All Users\Application Data\SOS 2009-12-03 09:31:12 ----D---- C:\Program Files\AVG 2009-12-03 09:31:07 ----D---- C:\Documents and Settings\All Users\Application Data\avg9 2009-12-03 08:36:56 ----D---- C:\Program Files\a-squared Free 2009-11-27 16:30:51 ----A---- C:\WINDOWS\system32\TUProgSt.exe 2009-11-27 16:30:46 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe ======List of files/folders modified in the last 1 months====== 2009-12-26 21:26:58 ----RD---- C:\Program Files 2009-12-26 21:26:03 ----D---- C:\Documents and Settings\Administrateur\Application Data\U3 2009-12-26 21:18:15 ----D---- C:\WINDOWS\Temp 2009-12-26 21:17:55 ----D---- C:\WINDOWS 2009-12-26 20:05:17 ----D---- C:\WINDOWS\system32 2009-12-26 19:59:28 ----SHD---- C:\WINDOWS\Installer 2009-12-26 19:59:25 ----SHD---- C:\Config.Msi 2009-12-26 19:59:25 ----D---- C:\WINDOWS\system32\drivers 2009-12-26 19:59:25 ----D---- C:\WINDOWS\Help 2009-12-26 19:58:09 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip 2009-12-26 19:57:00 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft 2009-12-26 19:56:21 ----D---- C:\Documents and Settings 2009-12-26 19:51:33 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2009-12-26 19:50:52 ----SD---- C:\WINDOWS\Tasks 2009-12-26 18:24:20 ----SH---- C:\boot.ini 2009-12-26 18:24:20 ----A---- C:\WINDOWS\win.ini 2009-12-26 18:24:20 ----A---- C:\WINDOWS\system.ini 2009-12-26 18:22:13 ----D---- C:\WINDOWS\Prefetch 2009-12-26 18:20:10 ----SHD---- C:\System Volume Information 2009-12-26 18:20:10 ----D---- C:\WINDOWS\system32\Restore 2009-12-19 22:05:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-12-19 21:25:26 ----D---- C:\WINDOWS\network diagnostic 2009-12-19 16:57:00 ----SHD---- C:\WINDOWS\CSC 2009-12-19 14:53:16 ----D---- C:\WINDOWS\system32\CatRoot2 2009-12-19 13:54:46 ----D---- C:\Program Files\Google 2009-12-19 00:40:22 ----D---- C:\WINDOWS\Debug 2009-12-19 00:40:18 ----D---- C:\WINDOWS\Minidump 2009-12-18 18:30:50 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-12-18 18:27:09 ----D---- C:\Documents and Settings\All Users\Application Data\Kodak 2009-12-17 23:01:19 ----D---- C:\Documents and Settings\All Users\Application Data\WildTangent 2009-12-17 22:06:27 ----D---- C:\Program Files\WildGames 2009-12-17 00:10:43 ----HD---- C:\WINDOWS\inf 2009-12-16 22:20:44 ----D---- C:\Program Files\Fichiers communs 2009-12-16 21:43:30 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-12-16 21:13:34 ----D---- C:\WINDOWS\system32\config 2009-12-16 20:36:06 ----HD---- C:\Program Files\InstallShield Installation Information 2009-12-16 20:30:33 ----D---- C:\Program Files\Fichiers communs\Ahead 2009-12-16 20:25:58 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead 2009-12-16 20:22:32 ----D---- C:\WINDOWS\system32\DirectX 2009-12-16 20:05:13 ----D---- C:\Program Files\CyberLink 2009-12-16 19:35:55 ----RSD---- C:\WINDOWS\Fonts 2009-12-15 20:05:14 ----D---- C:\WINDOWS\AppPatch 2009-12-15 20:03:03 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-12-15 20:01:57 ----HD---- C:\WINDOWS\$hf_mig$ 2009-12-15 15:20:07 ----RSD---- C:\WINDOWS\assembly 2009-12-12 21:11:37 ----D---- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache 2009-12-11 21:38:37 ----D---- C:\Documents and Settings\Administrateur\Application Data\Alawar 2009-12-10 22:28:18 ----D---- C:\Documents and Settings\All Users\Application Data\Merscom 2009-12-09 17:08:27 ----D---- C:\Program Files\Internet Explorer 2009-12-08 23:35:52 ----D---- C:\Documents and Settings\Administrateur\Application Data\PlayFirst 2009-12-05 23:52:39 ----D---- C:\WINDOWS\fontstore 2009-12-05 22:20:04 ----A---- C:\WINDOWS\winhelp.ini 2009-12-03 16:56:19 ----D---- C:\Program Files\Copernic 2000 Plus 2009-12-03 09:30:32 ----D---- C:\WINDOWS\WinSxS 2009-12-03 09:30:32 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-12-03 08:39:53 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-12-03 08:39:47 ----D---- C:\TuneUp Utilities 2008 2009-12-02 22:37:14 ----D---- C:\Documents and Settings\Administrateur\Application Data\ZoomBrowser EX 2009-12-02 21:28:35 ----D---- C:\Program Files\AIDA32 - Enterprise System Information 2009-12-01 15:06:19 ----A---- C:\WINDOWS\system32\MRT.exe 2009-11-30 00:57:42 ----D---- C:\Program Files\Oberon Media 2009-11-27 21:56:41 ----D---- C:\Documents and Settings\All Users\Application Data\Fugazo ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2003-03-06 3840] R1 DcCam;Kodak Camera Proxy; C:\WINDOWS\system32\DRIVERS\DcCam.sys [2005-06-16 37150] R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-11-26 36776] R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-11-26 38440] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-08-14 17005] R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS [] R2 DCFS2K;Kodak DCFS2K Driver; C:\WINDOWS\system32\drivers\dcfs2k.sys [2005-03-31 38673] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2006-09-01 3712] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-13 100224] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-11-21 113152] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-07-19 13568] R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2006-07-19 55936] R3 LHidKe;SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2006-07-19 27136] R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2006-07-19 71936] R3 lsmirror;lsmirror; C:\WINDOWS\system32\DRIVERS\lsmirror.sys [2005-11-28 5632] R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-03-19 542976] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-11-26 118952] S1 Exportit;Exportit; C:\WINDOWS\system32\DRIVERS\exportit.sys [2005-03-31 152081] S3 DcFpoint;DcFpoint; C:\WINDOWS\system32\DRIVERS\DcFpoint.sys [2005-03-31 61564] S3 DcLps;Legacy Polling Service; C:\WINDOWS\system32\DRIVERS\DcLps.sys [2005-03-31 8022] S3 DcPTP;dcptp; C:\WINDOWS\system32\DRIVERS\DcPTP.sys [2005-03-31 70262] S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [] S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-09-30 752093] S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [] S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [] S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [] S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [] S3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73600] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-10-01 1858144] R2 AGWinService;AG Windows Service; C:\Program Files\AGI\common\win32\PythonService.exe [2008-09-24 10240] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370] R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2008-07-21 54784] R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-11-26 1554728] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-12-05 79136] R2 LogWatch;Event Log Watch; C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248] R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-02-11 179856] R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2008-01-31 303104] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-11-27 604488] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392] S2 gupdate1c9ff6270c083b4;Service Google Update (gupdate1c9ff6270c083b4); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-07 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-07 190448] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-07-05 69120] S3 CA_LIC_CLNT;Client de licence CA; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe [2002-09-20 77824] S3 CA_LIC_SRVR;Serveur de licence CA; C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [2002-09-20 77824] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 GameConsoleService;GameConsoleService; C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe [2009-11-13 238328] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 KodakCCS;Kodak Camera Connection Software; C:\WINDOWS\system32\drivers\KodakCCS.exe [2005-03-30 411920] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040] S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 SerialKeys;SerialKeys; C:\WINDOWS\system32\skeys.exe [2008-04-13 26112] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-12-26 361288] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------

Salut j'ai finallement réussi a faire fonctionner le fameux RSIT voici un des 2 résultats!!!info.txt logfile of random's system information tool 1.06 2009-12-26 21:27:04 ======Uninstall list====== Groupe de travail Microsoft Project 98-->C:\Program Files\Microsoft Office\Office\Install\wgsetup.exe /w wgsetup.stf -->"C:\Program Files\WildGames\Game Console - WildGames\Uninstall.exe" -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\NuNInst.exe /UNINSTALL -->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf ACDSee-->C:\PROGRA~1\ACDSYS~1\ACDSee\UNWISE.EXE C:\PROGRA~1\ACDSYS~1\ACDSee\INSTALL.LOG Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B} Adobe Reader 7.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A71000000002} Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143} Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} a-squared Free 4.5-->"C:\Program Files\a-squared Free\unins000.exe" Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} Belarc Advisor 6.1-->C:\PROGRA~1\Belarc\Advisor\Uninstall.exe C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG Big Fish Games Client-->C:\Program Files\bfgclient\Uninstall.exe Bing Maps 3D-->MsiExec.exe /I{2D87E961-577B-492B-AD54-1368680FB9A7} Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} Broadcom NetXtreme Ethernet Controller-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BE6890C7-31EF-478C-812E-1E2899ABFCA9} /l1036 Calendrier de TELUS-->MsiExec.exe /X{61DC7A47-88B3-0FF4-7606-C29F3C4CCADA} Canon Camera Access Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini" Canon Digital Camera Solution Disk 40-46 Guide de démarrage des logiciels-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\SoftwareStarterGuide-DCSD40_46\Uninst.ini" Canon Guide d'impression personnelle-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\Personal Printing Guide\Uninst.ini" Canon MOV Decoder-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\Canon MOV Decoder\CanonMOVDecoderUnInstall.ini" Canon MOV Encoder-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\Canon MOV Encoder\CanonMOVEncoderUnInstall.ini" Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini" Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini" Canon Utilities CameraWindow DC-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDC\Uninst.ini" Canon Utilities CameraWindow-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini" Canon Utilities MyCamera DC-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCameraDC\Uninst.ini" Canon Utilities MyCamera-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCamera\Uninst.ini" Canon Utilities PhotoStitch-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini" Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini" Canon Utilities ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini" Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX MCU\Uninst.ini" CardRd81-->MsiExec.exe /I{54C8FE84-89C4-40E8-976C-439EB0729BD6} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992} CodeBaby Player (Remove Only) 1.0.2.15-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\codebaby.1.0.2.15.inf,DefaultUninstall,5 Content Transfer-->MsiExec.exe /X{CFADE4AF-C0CF-4A04-A776-741318F1658F} Copernic 2000 Plus-->C:\WINDOWS\IsUn0c0c.exe -f"C:\Program Files\Copernic 2000 Plus\Uninst.isu" -c"C:\Program Files\Copernic 2000 Plus\CopernicUninstall.dll" Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" CR2-->MsiExec.exe /I{432C3720-37BF-4BD7-8E49-F38E090246D0} Delicious Emily's Holiday Season-->"C:\Program Files\WildGames\Delicious Emily's Holiday Season\Uninstall.exe" Detective Stories - Hollywood-->"C:\Program Files\WildGames\Detective Stories - Hollywood\Uninstall.exe" ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6} ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD} ESScore-->MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4} ESSCT-->MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8} ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A} ESShelp-->MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD} ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765} ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5} ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091} ESSSONIC-->MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331} ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589} ESSTUTOR-->MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567} ESSvpaht-->MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69} ESSvpot-->MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1} EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe" Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D} Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.38\Installer\setup.exe" --uninstall --system-level Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{C084BC61-E537-11DE-8616-005056806466} HLPIndex-->MsiExec.exe /I{38441BE7-79B0-42B8-8297-833704F949FE} HLPPDOCK-->MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21} HLPRFO-->MsiExec.exe /I{AADAC983-FDE9-42FA-8FD9-7BB324155593} Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Intel® Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572 Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050} Java 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Jeux WildTangent-->"C:\Program Files\WildGames\Uninstall.exe" Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} KhalSetup-->MsiExec.exe /I{EE7B9A8D-19F0-450D-8E94-3E391E6044CD} Kiwee Toolbar-->"C:\Program Files\AGI\common\bootstrapper.exe" -uninstall"\"C:/Program Files/AGI/Python25\pythonw.exe\" \"C:\Program Files\AGI\common\pyagcore\installer.pyc\" -u KiweeToolbar" KSU-->MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267} Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall LG ODD Auto Firmware Update-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\Setup.exe" LightScribe System Software 1.10.27.1-->MsiExec.exe /X{CBCF859F-04BE-4A07-B6FA-F4FAD69EF1ED} LimeWire 5.2.8-->"C:\Program Files\LimeWire\uninstall.exe" Little Folk of Faery-->"C:\Program Files\WildGames\Little Folk of Faery\Uninstall.exe" LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE LiveUpdate 1.80 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U Logitech SetPoint-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x40c -removeonly Lottso! Deluxe-->"C:\Program Files\Oberon Media\Lottso! Deluxe\Uninstall.exe" "C:\Program Files\Oberon Media\Lottso! Deluxe\install.log" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Media Manager for WALKMAN 1.2-->MsiExec.exe /X{5A6ED905-D19D-4954-8499-0DAF386460F7} Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929} Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office 2000 SR-1 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7} Microsoft Office Visio Professional 2003-->MsiExec.exe /I{9051040C-6000-11D3-8CFE-0150048383C9} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Nero 7 Essentials-->MsiExec.exe /X{1596098A-FCEC-48F0-B7C7-08A31B771033} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Netscape Communicator 4.78-->C:\WINDOWS\cd32.exe 4.78 (fr) Notifier-->MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2} NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74} OTtBP-->MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C} OTtBPSDK-->MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353} Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PokerStars-->"C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2} RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 SafeCast Shared Components-->C:\Program Files\Fichiers communs\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall SecurDisc Viewer-->MsiExec.exe /X{BE90CE58-41DE-4708-9291-A9D1D49B1033} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B} SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237} SKIN0001-->MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE} SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F} SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0} System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe The Lost Inca Prophecy-->"C:\Program Files\WildGames\The Lost Inca Prophecy\Uninstall.exe" Tropical Farm-->"C:\Program Files\WildGames\Tropical Farm\Uninstall.exe" Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Vérification Internet-->C:\Program Files\BellCanada\bcunwise.exe VisualTool-->C:\Program Files\VisualTool\uninstall.exe VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370} Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC} Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F} xp-AntiSpy 3.95-->C:\Program Files\xp-AntiSpy\Uninstall.exe Yahoo! Barre d'outils-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE ======Hosts File====== 192.168.1.3 qualite 192.168.1.12 haf_prod.hafner.ca haf_prod 192.168.1.9 maillon.hafner.ca maillon 192.168.1.8 proxy 192.168.1.7 courrier 192.168.1.35 hafnerp.hafner.ca hafnerp 192.168.1.26 depot 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com ======System event log====== Computer Name: POSTE24 Event Code: 7026 Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger : i8042prt Record Number: 50836 Source Name: Service Control Manager Time Written: 20091212185526.000000-300 Event Type: error User: Computer Name: POSTE24 Event Code: 7026 Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger : i8042prt Record Number: 50803 Source Name: Service Control Manager Time Written: 20091212092626.000000-300 Event Type: error User: Computer Name: POSTE24 Event Code: 1002 Message: Le bail de l'adresse IP 192.168.2.10 pour la carte réseau dont l'adresse réseau est 000BCDBE52B4 a été refusé par le serveur DHCP 192.168.2.1 (celui-ci a envoyé un message DHCPNACK). Record Number: 50800 Source Name: Dhcp Time Written: 20091212092510.000000-300 Event Type: error User: Computer Name: POSTE24 Event Code: 4 Message: Broadcom NetXtreme Gigabit Ethernet for hp: The network link is down. Check to make sure the network cable is properly connected. Record Number: 50792 Source Name: b57w2k Time Written: 20091212023919.000000-300 Event Type: warning User: Computer Name: POSTE24 Event Code: 36 Message: Le service de temps n'a pas pu synchroniser l'heure système de 49152 secondes car aucun fournisseur de temps n'a pu fournir de datage utilisable. L'horloge système n'est pas synchronisée. Record Number: 50791 Source Name: W32Time Time Written: 20091211215357.000000-300 Event Type: warning User: =====Application event log===== Computer Name: POSTE24 Event Code: 1517 Message: Windows a sauvegardé le Registre utilisateur POSTE24\Administrateur alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé. Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local. Record Number: 5416 Source Name: Userenv Time Written: 20091021014732.000000-240 Event Type: warning User: AUTORITE NT\SYSTEM Computer Name: POSTE24 Event Code: 1517 Message: Windows a sauvegardé le Registre utilisateur POSTE24\Administrateur alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé. Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local. Record Number: 5405 Source Name: Userenv Time Written: 20091020144031.000000-240 Event Type: warning User: AUTORITE NT\SYSTEM Computer Name: POSTE24 Event Code: 1517 Message: Windows a sauvegardé le Registre utilisateur POSTE24\Administrateur alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé. Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local. Record Number: 5394 Source Name: Userenv Time Written: 20091020110500.000000-240 Event Type: warning User: AUTORITE NT\SYSTEM Computer Name: POSTE24 Event Code: 1517 Message: Windows a sauvegardé le Registre utilisateur POSTE24\Administrateur alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé. Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local. Record Number: 5385 Source Name: Userenv Time Written: 20091020013232.000000-240 Event Type: warning User: AUTORITE NT\SYSTEM Computer Name: POSTE24 Event Code: 1517 Message: Windows a sauvegardé le Registre utilisateur POSTE24\Administrateur alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé. Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local. Record Number: 5376 Source Name: Userenv Time Written: 20091019222028.000000-240 Event Type: warning User: AUTORITE NT\SYSTEM ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=0207 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- llement réussi a faire fonctionner le fameux RSIT voici un des 2 résultats!!!

Non il ne fonctionne pas!!! La fenêtre apparait mais je n'ai même pas le temps de voir quoi ce soit elle se ferme tout suite et j'ai un pop-up qu'il est infecter!!!! Si je formate mon ordi est-ce que sa pourrai régler le problème????

Merci pour l'info!!! Mais je crois que j'ai vraiment un gros problème ma connection internet ne fonctionne pas et quand j'installe un fichier j'ai un message qui me dit que le fichier est infecté!!!!! J'ai été infecter par ce trojan parce que l'autre personne qui ce sert de mon ordi à cliquer sur un message qui a apparut comme quoi j'étais infecter par le tojan SPM/LX et il y a eu un scan d'un antivirus nommer Antivirus Live qui n'est pas mon antivirus. Depuis ce jour je suis prise avec cela!!! Puis-je faire quelque chose ou je dois aller la porter à quelqu'un qui va pouvoir déboguer tout sa!!?? Merci d'avance de votre réponse!!!!

Bonjour je voudrai savoir comment enlever ce merveilleux trojan. Mon pc ne peux plus ce connecter à internet je ne peux donc télécharger aucun anti-malaware. Avez vous une solution??