Bonjour,
J'ai téléchargé il y a quelques heures un fichier qui contenait un malware, mon fond d'écran s'est changé tout seul et affichait une image qui disait en gros:
Your computer is infected!
Windows has detected spyware infection!
...
J'ai entre temps pu supprimer le fichier qui je pense causait ce problème car le fond d'écran ne bouge plus mais j'ai depuis eu quelques plantages, une fenêtre bleu s'affichait qui disait en gros que windows s'était éteind pour éviter certains problème...
J'ai suivi la procédure décrite sur le site FuturaScience :
Lancement d'ATF Cleaner, DiagHelp puis HijackThis
Ci-joints les deux rapports DiagHelp et HijackThis.
Merci d'avance pour votre aide.
Rapport de diaghelp
DiagHelp version v1.4 - http://www.malekal.com
excute le 21/08/2008 à 2:05:23,01
Liste des derniers fichies modifies/crees dans windir\system32 et prefetch
C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->21/08/2008 02:04:59
C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->21/08/2008 02:04:57
C:\WINDOWS\prefetch\VERCLSID.EXE-3667BD89.pf -->21/08/2008 02:04:39
C:\WINDOWS\prefetch\WINRAR.EXE-39C6DAD9.pf -->21/08/2008 02:03:59
C:\WINDOWS\prefetch\layout.ini -->21/08/2008 01:10:07
C:\WINDOWS\System32\drivers\PnkBstrK.sys -->20/08/2008 00:10:15
C:\WINDOWS\System32\drivers\L6PODLV.sys -->22/03/2008 00:01:20
C:\WINDOWS\System32\drivers\l6dp.sys -->22/03/2008 00:01:20
C:\WINDOWS\System32\drivers\nv4_mini.sys -->05/12/2007 02:41:00
C:\WINDOWS\System32\drivers\scdemu.sys -->07/08/2007 02:15:07
C:\WINDOWS\System32\drivers\AvgAsCln.sys -->30/05/2007 14:10:42
C:\WINDOWS\System32\drivers\hamachi.sys -->18/04/2007 16:59:06
C:\WINDOWS\System32\PnkBstrB.exe -->21/08/2008 00:02:58
C:\WINDOWS\System32\PnkBstrA.exe -->21/08/2008 00:02:58
C:\WINDOWS\System32\pbsvc.exe -->21/08/2008 00:02:54
C:\WINDOWS\System32\blphcc7bj0el8v.scr -->20/08/2008 23:36:29
C:\WINDOWS\System32\phcc7bj0el8v.bmp -->20/08/2008 23:36:27
C:\WINDOWS\System32\wpa.dbl -->20/08/2008 23:30:08
C:\WINDOWS\System32\xfcodec.dll -->13/08/2008 00:08:56
C:\WINDOWS\System32\jupdate-1.6.0_07-b06.log -->12/08/2008 00:53:48
C:\WINDOWS\System32\javaws.exe -->10/06/2008 02:32:34
C:\WINDOWS\System32\javacpl.cpl -->10/06/2008 02:32:34
C:\WINDOWS\System32\javaw.exe -->10/06/2008 01:21:04
C:\WINDOWS\System32\java.exe -->10/06/2008 01:21:01
C:\WINDOWS\System32\FNTCACHE.DAT -->13/05/2008 18:26:13
C:\WINDOWS\System32\jupdate-1.6.0_05-b13.log -->02/05/2008 13:06:52
C:\WINDOWS\System32\SIntfNT.dll -->26/04/2008 23:06:17
C:\WINDOWS\System32\SIntf32.dll -->26/04/2008 23:06:17
C:\WINDOWS\System32\SIntf16.dll -->26/04/2008 23:06:16
C:\WINDOWS\System32\jupdate-1.5.0_04-b05.log -->22/04/2008 23:56:43
C:\WINDOWS\System32\lvcoinst.log -->17/04/2008 22:56:40
C:\WINDOWS\System32\nscompat.tlb -->05/04/2008 16:18:33
C:\WINDOWS\System32\amcompat.tlb -->05/04/2008 16:18:33
C:\WINDOWS\System32\w95inf32.dll -->05/04/2008 16:18:24
C:\WINDOWS\System32\w95inf16.dll -->05/04/2008 16:18:24
C:\WINDOWS\System32\L6DriverControlPanel.cpl -->02/04/2008 23:16:54
C:\WINDOWS\System32\PerfStringBackup.INI -->30/03/2008 14:31:24
C:\WINDOWS\WindowsUpdate.log -->21/08/2008 01:57:59
C:\WINDOWS\0.log -->21/08/2008 01:57:59
C:\WINDOWS\wiaservc.log -->21/08/2008 01:57:57
C:\WINDOWS\wiadebug.log -->21/08/2008 01:57:56
C:\WINDOWS\QTFont.qfn -->21/08/2008 01:57:45
C:\WINDOWS\bootstat.dat -->21/08/2008 01:57:38
C:\WINDOWS\SchedLgU.Txt -->21/08/2008 01:56:39
C:\WINDOWS\NeroDigital.ini -->20/08/2008 23:40:38
C:\WINDOWS\randseed.rnd -->20/08/2008 22:38:34
C:\WINDOWS\win.ini -->23/06/2008 22:24:21
C:\WINDOWS\SIERRA.INI -->01/05/2008 13:32:26
C:\WINDOWS\GearBox.ini -->23/04/2008 00:17:36
C:\WINDOWS\mozver.dat -->19/02/2008 18:46:58
C:\WINDOWS\dxva_sig.txt -->14/02/2008 03:16:02
C:\WINDOWS\nsreg.dat -->06/02/2008 21:42:09
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright © 1997-2004 Mark Russinovich
Sysinternals - http://www.sysinternals.com
------------------------------------------------------------------------------
explorer.exe pid: 1936
Command line: C:\WINDOWS\Explorer.EXE
Base Size Version Path
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL
0x01520000 0x2c6000 3.01.4000.2435 C:\WINDOWS\system32\msi.dll
0x10000000 0x6000 7.02.0000.0157 C:\DOCUME~1\kronos\LOCALS~1\Temp\IadHide5.dll
0x01920000 0x19000 C:\Program Files\eylqvab\ActMntCmd.dll
0x37000000 0x13000 8.00.0000.0448 C:\WINDOWS\system32\EntApi.dll
0x017f0000 0x2c000 C:\Program Files\WinRAR\rarext.dll
0x16200000 0x6000 4.01.0000.0000 C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
0x02200000 0x2a000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll
0x183b0000 0x7000 8.00.0000.0912 C:\Program Files\Network Associates\VirusScan\shext.dll
0x192f0000 0x3000 8.00.0000.0912 C:\Program Files\Network Associates\VirusScan\RES0c\ShExtRes.dll
0x01110000 0x6000 C:\Program Files\Unlocker\UnlockerCOM.dll
0x02230000 0x37000 3.08.0000.0000 C:\Program Files\PowerISO\PWRISOSH.DLL
0x012c0000 0x13000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll
0x00d40000 0xc000 6.00.0001.1091 C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
0x01c60000 0x15000 1.01.0005.0000 C:\PROGRA~1\FlashGet\jccatch.dll
0x32520000 0x12000 10.00.2609.0000 V:\Program Files\Office10\msohev.dll
ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright © 1997-2004 Mark Russinovich
Sysinternals - http://www.sysinternals.com
------------------------------------------------------------------------------
winlogon.exe pid: 1036
Command line: winlogon.exe
Base Size Version Path
0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe
0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll
0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll
0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll
0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll
0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 7C7A-5667
Répertoire de C:\WINDOWS\system32
20/08/2004 01:09 6 144 csrss.exe
1 fichier(s) 6 144 octets
0 Rép(s) 7 529 672 704 octets libres
Contenu de Downloaded Program Files
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 7C7A-5667
Répertoire de C:\WINDOWS\Downloaded Program Files
07/04/2008 19:23 <REP> .
07/04/2008 19:23 <REP> ..
07/03/2007 02:00 2 504 catalog.dat
16/09/2006 19:39 65 desktop.ini
14/10/1997 18:52 697 DirectAnimation Java Classes.osd
26/07/2007 16:03 214 DivXPlugin.inf
07/03/2007 02:00 6 899 ecbootil.vxd
07/03/2007 02:00 272 040 ecmsvr32.dll
30/08/2006 21:10 551 GameLauncher.inf
01/09/2006 01:40 42 720 GameLauncher.ocx
10/11/2005 14:05 876 jinstall-1_5_0_06.inf
20/01/2000 15:25 1 162 Microsoft XML Parser for Java.osd
20/06/2006 16:44 379 704 MsnPUpld.dll
19/06/2006 15:40 393 MsnPUpld.inf
07/03/2007 02:00 124 536 naveng32.dll
07/03/2007 02:00 902 776 navex32a.dll
12/09/2007 09:46 259 NvidiaSmartScan.inf
04/10/2007 08:52 323 584 NvidiaSmartScan.ocx
20/06/2006 16:44 117 560 PURen-us.dll
09/01/2007 09:30 110 592 PURfr-fr.dll
07/03/2007 02:00 97 744 scrauth.dat
22/06/2006 11:41 5 032 swflash.inf
07/03/2007 02:00 11 875 symaveng.cat
07/03/2007 02:00 1 061 symaveng.inf
07/03/2007 02:00 189 004 tcdefs.dat
07/03/2007 02:00 1 375 779 tcscan7.dat
07/03/2007 02:00 336 864 tcscan8.dat
07/03/2007 02:00 775 155 tcscan9.dat
07/03/2007 02:00 453 tinf.dat
07/03/2007 02:00 148 tinfidx.dat
07/03/2007 02:00 1 957 tinfl.dat
07/03/2007 02:00 65 183 tscan1.dat
07/03/2007 02:00 3 113 tscan1hd.dat
07/03/2007 02:00 4 778 v.grd
07/03/2007 02:00 2 261 v.sig
07/03/2007 02:00 106 244 virscan.inf
07/03/2007 02:00 978 854 virscan1.dat
07/03/2007 02:00 570 174 virscan2.dat
07/03/2007 02:00 147 944 virscan3.dat
07/03/2007 02:00 320 186 virscan4.dat
07/03/2007 02:00 3 544 143 virscan5.dat
07/03/2007 02:00 390 436 virscan6.dat
07/03/2007 02:00 7 377 658 virscan7.dat
07/03/2007 02:00 1 698 312 virscan8.dat
07/03/2007 02:00 4 199 121 virscan9.dat
07/03/2007 02:00 32 virscant.dat
30/07/2007 20:24 293 wuweb.inf
07/03/2007 02:00 224 zdone.dat
46 fichier(s) 24 491 160 octets
Total des fichiers listés :
46 fichier(s) 24 491 160 octets
2 Rép(s) 7 529 668 608 octets libres
Recherche de rootkit! (Merci S!Ri)
Recherche d'infections connues
Export des clefs sensibles..
Liste des fichiers en exception sur le pare-feu XP SP2
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"="C:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe:*:Enabled:MessengerDiscovery Live the Windows Live Messenger addon"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\\Jeux\\Steam\\SteamApps\\kronos89\\counter-strike source\\hl2.exe"="C:\\Jeux\\Steam\\SteamApps\\kronos89\\counter-strike source\\hl2.exe:*:Enabled:hl2"
"C:\\Jeux\\Titan Quest\\Titan Quest.exe"="C:\\Jeux\\Titan Quest\\Titan Quest.exe:*:Enabled:Titan Quest"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"
"C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"C:\\Jeux\\Steam\\Steam.exe"="C:\\Jeux\\Steam\\Steam.exe:*:Enabled:Steam Client"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Jeux\\Exteel\\System\\Exteel.exe"="C:\\Jeux\\Exteel\\System\\Exteel.exe:*:Enabled:Exteel"
"C:\\Jeux\\Project Torque\\ProjectTorque\\ProjectTorque.bin"="C:\\Jeux\\Project Torque\\ProjectTorque\\ProjectTorque.bin:*:Enabled:Project Torque"
"C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"="C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Jeux\\Call Of Duty 4\\iw3mp.exe"="C:\\Jeux\\Call Of Duty 4\\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare "
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Jeux\\Exteel\\System\\Exteel.exe"="C:\\Jeux\\Exteel\\System\\Exteel.exe:*:Enabled:Exteel"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
Export de la clef SharedTaskScheduler
[sharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
exports des policies
REGEDIT4
[system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-21 02:06:35
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:8b9a4118
"s2"=dword:42722df3
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:42,77,10,c3,db,85,4e,95,6f,c4,20,82,2c,e1,a8,dd,df,81,7a,f7,e0,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,09,61,f9,95,06,18,4c,8e,e9,a9,fd,53,37,03,25,9a,3f,..
"khjeh"=hex:c0,b3,73,96,13,b3,42,9a,aa,64,36,7a,c6,f5,25,da,94,da,65,17,40,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:0f,16,6f,39,60,9e,6a,a2,0a,5f,b8,20,53,f3,49,b8,4c,3d,58,24,a9,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:ef,ca,6d,25,39,1e,12,1f,56,27,7e,7a,a9,b4,3a,74,1b,ec,d5,99,b2,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,09,61,f9,95,06,18,4c,8e,e9,a9,fd,53,37,03,25,9a,3f,..
"khjeh"=hex:c0,b3,73,96,13,b3,42,9a,aa,64,36,7a,c6,f5,25,da,94,da,65,17,40,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:0f,16,6f,39,60,9e,6a,a2,0a,5f,b8,20,53,f3,49,b8,4c,3d,58,24,a9,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden services: 0
hidden files: 0
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (http://www.security.org.sg'>http://www.security.org.sg)
Process list by traversal of KiWaitListHead
4 - System
220 - razerhid.exe
236 - RTHDCPL.exe
244 - alg.exe
288 - shstat.exe
308 - UpdaterUI.exe
336 - TBMon.exe
344 - looknstop.exe
352 - LVCOMSX.EXE
500 - iTunesHelper.ex
668 - ctfmon.exe
684 - LogitechDesktop
696 - msnmsgr.exe
748 - LWEMon.exe
756 - Steam.exe
1012 - csrss.exe
1036 - winlogon.exe
1080 - services.exe
1092 - lsass.exe
1264 - svchost.exe
1312 - svchost.exe
1424 - svchost.exe
1492 - NkbMonitor.exe
1508 - svchost.exe
1568 - svchost.exe
1936 - explorer.exe
2052 - AppleMobileDevi
2072 - guard.exe
2124 - FrameworkServic
2144 - Mcshield.exe
2196 - VsTskMgr.exe
2276 - naPrdMgr.exe
2400 - nvsvc32.exe
2464 - PnkBstrA.exe
2632 - RichVideo.exe
3052 - cmd.exe
3064 - firefox.exe
3160 - ServiceLayer.ex
3296 - iPodService.exe
3848 - NclRSSrv.exe
Total number of processes = 40
NOTE: Under WinXP, this will not show all processes.
KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (http://www.security.org.sg)
Driver/Module list by traversal of PsLoadedModuleList
804D7000 - \WINDOWS\system32\ntkrnlpa.exe
806E2000 - \WINDOWS\system32\hal.dll
BADA8000 - \WINDOWS\system32\KDCOM.DLL
BACB8000 - \WINDOWS\system32\BOOTVID.dll
BA6D0000 - sptd.sys
BADAA000 - \WINDOWS\System32\Drivers\WMILIB.SYS
BA6B8000 - \WINDOWS\System32\Drivers\SCSIPORT.SYS
BA689000 - ACPI.sys
BA678000 - pci.sys
BA8A8000 - isapnp.sys
BAE70000 - pciide.sys
BAB28000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
BA8B8000 - MountMgr.sys
BA659000 - ftdisk.sys
BADAC000 - dmload.sys
BA633000 - dmio.sys
BAB30000 - PartMgr.sys
BA8C8000 - sfsync02.sys
BA8D8000 - VolSnap.sys
BA61B000 - atapi.sys
BA8E8000 - jraid.sys
BA8F8000 - disk.sys
BA908000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
BA5FB000 - fltmgr.sys
BA5E9000 - sr.sys
BA918000 - PxHelp20.sys
BA5D2000 - KSecDD.sys
BA545000 - Ntfs.sys
BA518000 - NDIS.sys
BA504000 - sfvfs02.sys
BAB38000 - sfhlp02.sys
BA4F2000 - sfdrv01.sys
BA4D7000 - Mup.sys
BADAE000 - JGOGO.sys
BA9B8000 - \SystemRoot\System32\DRIVERS\intelppm.sys
B95B5000 - \SystemRoot\System32\DRIVERS\nv4_mini.sys
B95A1000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
BAB48000 - \SystemRoot\System32\DRIVERS\usbuhci.sys
B957E000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS
BAB78000 - \SystemRoot\System32\DRIVERS\usbehci.sys
B9559000 - \SystemRoot\System32\DRIVERS\HDAudBus.sys
BA9C8000 - \SystemRoot\System32\DRIVERS\cdrom.sys
BAB80000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys
B951D000 - \SystemRoot\System32\DRIVERS\yk51x86.sys
BAB88000 - \SystemRoot\System32\DRIVERS\fdc.sys
B950C000 - \SystemRoot\System32\DRIVERS\serial.sys
BA487000 - \SystemRoot\System32\DRIVERS\serenum.sys
B94F8000 - \SystemRoot\System32\DRIVERS\parport.sys
B94AE000 - \SystemRoot\System32\Drivers\a0mfo94w.SYS
BABD8000 - \SystemRoot\System32\Drivers\l6dp.sys
BAFB0000 - \SystemRoot\System32\DRIVERS\audstub.sys
BAA28000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys
B9EE5000 - \SystemRoot\System32\DRIVERS\ndistapi.sys
B9497000 - \SystemRoot\System32\DRIVERS\ndiswan.sys
BAA38000 - \SystemRoot\System32\DRIVERS\raspppoe.sys
BAA48000 - \SystemRoot\System32\DRIVERS\raspptp.sys
BABE0000 - \SystemRoot\System32\DRIVERS\TDI.SYS
B9486000 - \SystemRoot\System32\DRIVERS\psched.sys
BAA58000 - \SystemRoot\System32\DRIVERS\msgpc.sys
BABE8000 - \SystemRoot\System32\DRIVERS\ptilink.sys
BABF0000 - \SystemRoot\System32\DRIVERS\raspti.sys
B9455000 - \SystemRoot\System32\DRIVERS\rdpdr.sys
BAA68000 - \SystemRoot\System32\DRIVERS\termdd.sys
BABF8000 - \SystemRoot\System32\DRIVERS\kbdclass.sys
BAC00000 - \SystemRoot\System32\DRIVERS\mouclass.sys
BAA78000 - \SystemRoot\System32\DRIVERS\lnsfw.sys
BAE16000 - \SystemRoot\System32\DRIVERS\swenum.sys
B9432000 - \SystemRoot\System32\DRIVERS\ks.sys
B93FE000 - \SystemRoot\System32\DRIVERS\update.sys
B9EC5000 - \SystemRoot\System32\DRIVERS\mssmbios.sys
B9EC1000 - \SystemRoot\system32\drivers\WmBEnum.sys
BAA88000 - \SystemRoot\system32\drivers\WmXlCore.sys
BAA98000 - \SystemRoot\System32\DRIVERS\redbook.sys
BAAA8000 - \SystemRoot\System32\Drivers\NDProxy.SYS
BAAB8000 - \SystemRoot\System32\DRIVERS\usbhub.sys
BAE1C000 - \SystemRoot\System32\DRIVERS\USBD.SYS
B6E9A000 - \SystemRoot\system32\drivers\RtkHDAud.sys
B6E76000 - \SystemRoot\system32\drivers\portcls.sys
BAAD8000 - \SystemRoot\system32\drivers\drmk.sys
BAC10000 - \SystemRoot\System32\DRIVERS\flpydisk.sys
BAE20000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS
BAF7A000 - \SystemRoot\System32\Drivers\Null.SYS
BAE22000 - \SystemRoot\System32\Drivers\Beep.SYS
BAF7B000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys
BAC20000 - \SystemRoot\System32\DRIVERS\HIDPARSE.SYS
BAC28000 - \SystemRoot\System32\drivers\vga.sys
BAE26000 - \SystemRoot\System32\Drivers\mnmdd.SYS
BAE28000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys
BAC30000 - \SystemRoot\System32\Drivers\Msfs.SYS
BAC38000 - \SystemRoot\System32\Drivers\Npfs.SYS
BA497000 - \SystemRoot\System32\DRIVERS\rasacd.sys
B6E1B000 - \SystemRoot\System32\DRIVERS\ipsec.sys
B6DC3000 - \SystemRoot\System32\DRIVERS\tcpip.sys
B6DB0000 - \SystemRoot\System32\Drivers\lnsfw1.SYS
B6D67000 - \SystemRoot\System32\DRIVERS\ipnat.sys
BAB08000 - \SystemRoot\system32\drivers\mvstdi5x.sys
B6D3F000 - \SystemRoot\System32\DRIVERS\netbt.sys
BAB18000 - \SystemRoot\System32\DRIVERS\wanarp.sys
B6D1D000 - \SystemRoot\System32\drivers\afd.sys
BA948000 - \SystemRoot\System32\DRIVERS\netbios.sys
BAC40000 - \SystemRoot\System32\Drivers\SCDEmu.SYS
B6CF2000 - \SystemRoot\System32\DRIVERS\rdbss.sys
BAF86000 - \SystemRoot\System32\Drivers\PQNTDrv.SYS
B6C83000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys
B9D3D000 - \SystemRoot\System32\Drivers\Fips.SYS
BAF88000 - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
B9D1D000 - \SystemRoot\System32\Drivers\Cdfs.SYS
BAC50000 - \SystemRoot\System32\DRIVERS\usbccgp.sys
B9D0D000 - \SystemRoot\system32\drivers\lvusbsta.sys
B9CFD000 - \SystemRoot\system32\drivers\usbaudio.sys
B93DE000 - \SystemRoot\System32\DRIVERS\hidusb.sys
B9CED000 - \SystemRoot\System32\DRIVERS\HIDCLASS.SYS
BAC58000 - \SystemRoot\System32\Drivers\Razerlow.sys
B93DA000 - \SystemRoot\System32\DRIVERS\mouhid.sys
B93D6000 - \SystemRoot\System32\DRIVERS\kbdhid.sys
B6B6B000 - \SystemRoot\system32\DRIVERS\Camdrl.sys
B9CDD000 - \SystemRoot\system32\DRIVERS\STREAM.SYS
B6950000 - \SystemRoot\system32\DRIVERS\lvsvf2.sys
B6E6E000 - \SystemRoot\system32\drivers\LUsbKbd.sys
B6938000 - \SystemRoot\System32\Drivers\dump_atapi.sys
BAE30000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS
BF800000 - \SystemRoot\System32\win32k.sys
B6E5E000 - \SystemRoot\System32\drivers\Dxapi.sys
BAC68000 - \SystemRoot\System32\watchdog.sys
BF9C2000 - \SystemRoot\System32\drivers\dxg.sys
BAE98000 - \SystemRoot\System32\drivers\dxgthk.sys
BF9D4000 - \SystemRoot\System32\nv4_disp.dll
B637A000 - \SystemRoot\system32\drivers\wdmaud.sys
B64EF000 - \SystemRoot\system32\drivers\sysaudio.sys
B5404000 - \SystemRoot\System32\DRIVERS\mrxdav.sys
BFFA0000 - \SystemRoot\System32\ATMFD.DLL
BAE0E000 - \SystemRoot\System32\Drivers\ParVdm.SYS
B52C2000 - \SystemRoot\System32\DRIVERS\srv.sys
B5182000 - \SystemRoot\System32\DRIVERS\secdrv.sys
B4F85000 - \??\C:\Program Files\CyberLink\PowerDVD\000.fcl
B4E04000 - \SystemRoot\System32\Drivers\HTTP.sys
B4D6F000 - \SystemRoot\system32\drivers\naiavf5x.sys
B4D33000 - \??\C:\WINDOWS\system32\drivers\EntDrv51.sys
B4A21000 - \SystemRoot\system32\drivers\kmixer.sys
BAF43000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys
Total number of drivers = 140
Liste des programmes installes
@BIOS B06.0601.01
Adobe Flash Player 9 ActiveX
Adobe Flash Player Plugin
Adobe Reader 6.0.1
Apple Mobile Device Support
Apple Software Update
Archiveur WinRAR
Assistant de connexion Windows Live
Audacity 1.2.6
AVG Anti-Spyware 7.5
Call of Duty® 4 - Modern Warfare
Call of Duty® 4 - Modern Warfare
Call of Duty® 4 - Modern Warfare 1.2 Patch
Call of Duty® 4 - Modern Warfare 1.2 Patch
Call of Duty® 4 - Modern Warfare 1.3 Patch
Call of Duty® 4 - Modern Warfare 1.3 Patch
Call of Duty® 4 - Modern Warfare 1.4 Patch
Call of Duty® 4 - Modern Warfare 1.4 Patch
Call of Duty® 4 - Modern Warfare 1.5 Multiplayer Patch
Call of Duty® 4 - Modern Warfare 1.5 Patch
Call of Duty® 4 - Modern Warfare 1.6 Patch
Call of Duty® 4 - Modern Warfare 1.6 Patch
Call of Duty® 4 - Modern Warfare 1.7 Patch
Call of Duty® 4 - Modern Warfare 1.7 Patch
CCleaner (remove only)
Correctif Windows XP - KB873339
Correctif Windows XP - KB885835
Correctif Windows XP - KB885836
Correctif Windows XP - KB886185
Correctif Windows XP - KB887472
Correctif Windows XP - KB888302
Correctif Windows XP - KB890859
Correctif Windows XP - KB891781
DivX Content Uploader
DivX Web Player
EVEREST Corporate Edition v4.20
Far Cry (Patch 1.3)
Far Cry (Patch 1.31)
Far Cry (Patch 1.33)
FlashGet(JetCar)
Free Music Zilla
Garry's Mod
Gigabyte Raid Configurer
GIGABYTE VGA Utility Manager
GUILD WARS
High Definition Audio Driver Package - KB888111
HijackThis 1.99.1
IGN Download Manager 2.3.2
iPod for Windows 2006-01-10
iPod for Windows 2006-01-10
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java 6 Update 2
Java 6 Update 3
Java 6 Update 5
Java 6 Update 7
Java SE Runtime Environment 6 Update 1
Line 6 Edit (remove only)
Line 6 Uninstaller
Livebox
Logiciel QuickCam de Logitech
Logitech Desktop Messenger
Logitech Gaming Software
Logitech SetPoint
Look 'n' Stop 2.05p2
McAfee VirusScan Enterprise
Messenger Plus! Live
Microsoft .NET Framework 2.0
Microsoft .NET Framework 2.0
Microsoft Office XP Media Content
Microsoft Office XP Professional avec FrontPage
mIRC
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)
Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)
Mise à jour de sécurité pour Windows XP (KB890046)
Mise à jour de sécurité pour Windows XP (KB893756)
Mise à jour de sécurité pour Windows XP (KB896358)
Mise à jour de sécurité pour Windows XP (KB896423)
Mise à jour de sécurité pour Windows XP (KB896424)
Mise à jour de sécurité pour Windows XP (KB896428)
Mise à jour de sécurité pour Windows XP (KB899587)
Mise à jour de sécurité pour Windows XP (KB899589)
Mise à jour de sécurité pour Windows XP (KB899591)
Mise à jour de sécurité pour Windows XP (KB900725)
Mise à jour de sécurité pour Windows XP (KB901017)
Mise à jour de sécurité pour Windows XP (KB901214)
Mise à jour de sécurité pour Windows XP (KB902400)
Mise à jour de sécurité pour Windows XP (KB904706)
Mise à jour de sécurité pour Windows XP (KB905414)
Mise à jour de sécurité pour Windows XP (KB905749)
Mise à jour de sécurité pour Windows XP (KB908519)
Mise à jour de sécurité pour Windows XP (KB911562)
Mise à jour de sécurité pour Windows XP (KB911567)
Mise à jour de sécurité pour Windows XP (KB911927)
Mise à jour de sécurité pour Windows XP (KB912919)
Mise à jour de sécurité pour Windows XP (KB913580)
Mise à jour de sécurité pour Windows XP (KB914388)
Mise à jour de sécurité pour Windows XP (KB914389)
Mise à jour de sécurité pour Windows XP (KB917159)
Mise à jour de sécurité pour Windows XP (KB917344)
Mise à jour de sécurité pour Windows XP (KB917422)
Mise à jour de sécurité pour Windows XP (KB917953)
Mise à jour de sécurité pour Windows XP (KB918899)
Mise à jour de sécurité pour Windows XP (KB919007)
Mise à jour de sécurité pour Windows XP (KB920213)
Mise à jour de sécurité pour Windows XP (KB920214)
Mise à jour de sécurité pour Windows XP (KB920670)
Mise à jour de sécurité pour Windows XP (KB920683)
Mise à jour de sécurité pour Windows XP (KB920685)
Mise à jour de sécurité pour Windows XP (KB921398)
Mise à jour de sécurité pour Windows XP (KB921883)
Mise à jour de sécurité pour Windows XP (KB922616)
Mise à jour de sécurité pour Windows XP (KB922760)
Mise à jour de sécurité pour Windows XP (KB922819)
Mise à jour de sécurité pour Windows XP (KB923191)
Mise à jour de sécurité pour Windows XP (KB923414)
Mise à jour de sécurité pour Windows XP (KB923980)
Mise à jour de sécurité pour Windows XP (KB924191)
Mise à jour de sécurité pour Windows XP (KB924270)
Mise à jour de sécurité pour Windows XP (KB924496)
Mise à jour de sécurité pour Windows XP (KB925486)
Mise à jour pour Windows XP (KB898461)
Mise à jour pour Windows XP (KB900485)
Mise à jour pour Windows XP (KB908531)
Mise à jour pour Windows XP (KB910437)
Mise à jour pour Windows XP (KB911280)
Mise à jour pour Windows XP (KB916595)
Mise à jour pour Windows XP (KB920872)
Mise à jour pour Windows XP (KB922582)
Mozilla Firefox (2.0.0.16)
MSVC80_x86
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 Parser and SDK
Nero OEM
Nikon FotoShare
Nikon Message Center
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
Norton PartitionMagic
Norton PartitionMagic 8.0
NVIDIA Drivers
Package de pilotes Windows - Nokia Modem (08/03/2007 6.84.0.2)
Package de pilotes Windows - Nokia Modem (10/12/2007 3.6)
Panda TotalScan
PC Connectivity Solution
PictureProject
Pirates, Vikings and Knights II Beta 1.0
Postal 2 Share The Pain
PowerDVD
PowerDVD Ultra
PowerISO
Programme de gestion Camera de Logitech®
PunkBuster Services
QuickTime
Razer Copperhead
Real Alternative 1.39
Realtek High Definition Audio Driver
Steam
Team Fortress 2
TeamSpeak 2 RC2
Test Drive Unlimited
Unlocker 1.8.5
Ventrilo Client
VideoLAN VLC media player 0.8.5
Virtools 3D Life Player
WebFldrs XP
Winamp (remove only)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Live installer
Windows Live Messenger
Windows Media Format Runtime
Windows XP Service Pack 2
WinZip
World of Warcraft
Wow Cartographe 1.07
Xfire (remove only)
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 7C7A-5667
Répertoire de C:\Program Files
20/08/2008 22:34 <REP> .
20/08/2008 22:34 <REP> ..
16/09/2006 21:01 <REP> Adobe
03/12/2006 23:08 <REP> Ahead
15/09/2007 12:20 <REP> Apple Software Update
09/05/2008 00:27 <REP> Audacity
03/11/2006 00:17 <REP> Audio Converter
30/11/2007 19:05 <REP> Azureus
06/02/2007 20:58 <REP> CCleaner
23/04/2008 00:17 <REP> Common Files
16/09/2006 19:38 <REP> ComPlus Applications
12/01/2008 20:45 <REP> CyberLink
08/02/2007 14:21 <REP> DAEMON Tools
25/02/2008 22:31 <REP> DIFX
15/02/2008 01:22 <REP> DivX
27/08/2007 15:52 <REP> DJ2000 Demo
20/08/2008 22:34 <REP> eylqvab
16/07/2008 20:24 <REP> Fichiers communs
09/05/2008 11:40 <REP> FlashGet
03/06/2008 19:35 <REP> Free Music Zilla
16/09/2006 21:04 <REP> GigaByte
13/09/2007 21:12 <REP> Grisoft
16/10/2006 19:38 <REP> Guitar Pro 5
17/06/2008 13:54 <REP> IDoser v4
28/01/2007 23:04 <REP> IGN
16/09/2006 20:50 <REP> Intel
19/02/2008 18:43 <REP> Internet Explorer
19/11/2007 02:12 <REP> iPod
19/11/2007 02:12 <REP> iTunes
12/08/2008 00:53 <REP> Java
21/11/2007 01:36 <REP> Lavalys
23/04/2008 00:17 <REP> Line6
04/02/2007 19:49 <REP> Logitech
24/04/2008 02:33 <REP> Media Player Classic
17/09/2006 23:03 <REP> Messenger
29/10/2007 15:43 <REP> Messenger Plus! Live
09/02/2007 15:45 <REP> MessengerDiscovery
16/09/2006 19:40 <REP> microsoft frontpage
12/04/2008 00:23 <REP> mIRC
17/09/2006 01:48 <REP> Movie Maker
21/08/2008 01:58 <REP> Mozilla Firefox
16/09/2006 19:38 <REP> MSN
16/09/2006 19:37 <REP> MSN Gaming Zone
29/10/2007 15:36 <REP> MSN Messenger
12/04/2007 19:51 <REP> MSNServersX
24/11/2006 00:18 <REP> MSXML 4.0
17/09/2006 01:45 <REP> NetMeeting
16/09/2006 22:11 <REP> Network Associates
08/08/2007 15:56 <REP> Nikon
25/02/2008 22:31 <REP> Nokia
17/09/2006 23:03 <REP> Outlook Express
19/02/2008 18:48 <REP> Panda Security
25/02/2008 22:31 <REP> PC Connectivity Solution
12/01/2008 19:10 <REP> PowerISO
19/11/2007 02:11 <REP> QuickTime
16/09/2006 20:04 <REP> Razer
24/04/2008 02:33 <REP> Real Alternative
16/09/2006 20:52 <REP> Realtek
16/09/2006 21:29 <REP> SAGEM
16/09/2006 19:38 <REP> Services en ligne
16/09/2006 22:35 <REP> Soft4Ever
13/01/2008 21:10 <REP> Symantec
17/09/2006 02:13 <REP> Teamspeak2_RC2
16/04/2007 13:10 <REP> Unlocker
04/01/2008 18:13 <REP> uTorrent
17/12/2007 17:58 <REP> Ventrilo
02/10/2006 21:56 <REP> VideoLAN
09/12/2007 20:38 <REP> Virtools
07/01/2008 22:56 <REP> Winamp
29/10/2007 15:20 <REP> Windows Live
05/04/2008 16:18 <REP> Windows Media Player
17/09/2006 01:45 <REP> Windows NT
10/11/2006 21:13 <REP> WinRAR
27/09/2006 21:23 <REP> WinZip
17/07/2008 20:21 <REP> WowCartographe
16/09/2006 19:40 <REP> xerox
18/08/2008 21:33 <REP> Xfire
16/09/2006 20:45 <REP> Yahoo!
0 fichier(s) 0 octets
78 Rép(s) 7 528 542 208 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 7C7A-5667
Répertoire de C:\Program Files\fichiers communs
16/07/2008 20:24 <REP> .
16/07/2008 20:24 <REP> ..
16/09/2006 23:04 <REP> Adobe
03/12/2006 23:08 <REP> Ahead
07/07/2007 12:51 <REP> Apple
16/07/2008 20:24 <REP> Blizzard Entertainment
16/09/2006 22:11 <REP> Cisco Systems
12/11/2007 22:14 <REP> Designer
16/10/2006 20:10 <REP> InstallShield
15/10/2006 02:18 <REP> Java
04/02/2007 19:49 <REP> Logitech
26/02/2008 19:31 <REP> Microsoft Shared
16/09/2006 19:38 <REP> MSSoap
08/08/2007 16:10 <REP> muvee Technologies
16/09/2006 22:11 <REP> Network Associates
08/08/2007 16:10 <REP> Nikon
25/02/2008 22:31 <REP> Nokia
16/09/2006 21:27 <REP> ODBC
25/02/2008 22:31 <REP> PCSuite
16/09/2006 19:38 <REP> Services
16/09/2006 21:26 <REP> SpeechEngines
12/11/2007 22:13 <REP> System
17/12/2007 17:57 <REP> Wise Installation Wizard
0 fichier(s) 0 octets
23 Rép(s) 7 528 542 208 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 7C7A-5667
Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders
12/11/2007 22:14 <REP> .
12/11/2007 22:14 <REP> ..
12/11/2007 22:14 <REP> 1033
12/11/2007 22:14 <REP> 1036
15/02/2001 06:45 1 318 912 MSONSEXT.DLL
13/02/2001 09:23 58 784 MSOSV.DLL
03/06/1999 14:09 122 937 MSOWS409.DLL
07/03/2001 09:00 127 033 MSOWS40c.DLL
06/08/2000 10:04 401 462 MSVCP60.DLL
22/01/2001 04:25 69 632 PKMAXCTL.DLL
22/01/2001 04:25 872 448 PKMCDO.DLL
22/01/2001 04:25 159 744 PKMCORE.DLL
07/02/2001 10:59 106 496 PKMFORMS.DLL
12/02/2001 05:03 684 032 PKMRES.DLL
22/01/2001 04:25 28 672 PKMSSTLB.DLL
22/01/2001 04:25 40 960 PKMTEMPL.DLL
22/01/2001 04:25 24 576 PKMTRACE.DLL
22/01/2001 04:25 86 016 PKMWS.DLL
22/01/2001 04:25 237 568 PROMDEMO.DLL
22/01/2001 04:25 184 320 SECMGR.DLL
22/01/2001 04:25 323 584 VAIDDMGR.DLL
22/01/2001 04:25 32 768 VAIMEM.DLL
18 fichier(s) 4 879 944 octets
4 Rép(s) 7 528 542 208 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 7C7A-5667
Répertoire de C:\Program Files\common files
23/04/2008 00:17 <REP> .
23/04/2008 00:17 <REP> ..
23/04/2008 00:17 <REP> Digidesign
27/05/2008 18:20 <REP> INCA Shared
0 fichier(s) 0 octets
4 Rép(s) 7 528 542 208 octets libres
c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.5.0.20\iTunesSetupAdmin.exe
c:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Nokia_PC_Suite_rel_6_85_14_1_fre.exe
c:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstCCD.exe
c:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstPCS.exe
c:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
c:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Packages\Nokia_PC_Suite\CustomActions\NSU_Inst_fix.exe
c:\Documents and Settings\All Users\Application Data\Installations\{3741689E-584D-40C9-B011-373A0371846D}\Installer\CommonCustomActions\Sleep.exe
c:\Documents and Settings\All Users\Application Data\Installations\{3741689E-584D-40C9-B011-373A0371846D}\Installer\CommonCustomActions\vcredistExec.exe
c:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe
c:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe
c:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
c:\Documents and Settings\kronos\Application Data\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe
c:\Documents and Settings\kronos\Application Data\WholeSecurity\CAT\WSOOPScan.exe
c:\Documents and Settings\kronos\Application Data\WholeSecurity\CAT\WSUIEE.exe
c:\Documents and Settings\kronos\Bureau\realalt-pc.exe
c:\Documents and Settings\kronos\Bureau\sa-mp-0.2.2-R2.exe
c:\Documents and Settings\kronos\Bureau\clé usb\GP5.exe
c:\Documents and Settings\kronos\Bureau\guitare\ccsetup137.exe
c:\Documents and Settings\kronos\Bureau\guitare\daemon408-x86.exe
c:\Documents and Settings\kronos\Bureau\guitare\Postal2_ShareThePain_Patch1409.exe
c:\Documents and Settings\kronos\Bureau\guitare\punisherfr.exe
c:\Documents and Settings\kronos\Bureau\guitare\qc848fra.exe
c:\Documents and Settings\kronos\Bureau\guitare\Divers\ArchBot 0.3.exe
c:\Documents and Settings\kronos\Bureau\guitare\Divers\fgf173.exe
c:\Documents and Settings\kronos\Bureau\guitare\Divers\MDL_1.00.19.exe
c:\Documents and Settings\kronos\Bureau\guitare\Divers\MsgPlusLive-401.exe
c:\Documents and Settings\kronos\Bureau\guitare\Divers\patchts2fr.exe
c:\Documents and Settings\kronos\Bureau\guitare\Divers\ts2_client_rc2_2032.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\rFactor.1.150.loader.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\catchme.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\diff.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\dumphive.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\FilesInfoCmd.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\find2.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\Fport.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\grep.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\gzip.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\KProcCheck.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\LFiles.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\LISTDLLS.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\md5sums.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\pslist.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\sigcheck.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\streams.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\swreg.exe
c:\Documents and Settings\kronos\Bureau\Nouveau dossier\DiagHelp\tar.exe
c:\Documents and Settings\kronos\Bureau\POD\Line 6 Monkey v1[1].15 Installer.exe
c:\Documents and Settings\kronos\Bureau\Radio\HipHop6.exe
c:\Documents and Settings\kronos\Bureau\tampon\Installation_LooknStop_205.exe
c:\Documents and Settings\kronos\Bureau\tampon\wrar360fr.exe
c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\80dfc463\004fcd5c_eceec701\_Launcher.EXE
c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\80dfc463\bede22d5_1a40c801\_Launcher.EXE
c:\Documents and Settings\kronos\Mes documents\My Games\Titan Quest\TitanQuest1_15.exe
c:\Documents and Settings\kronos\Mes documents\My Games\Titan Quest\TitanQuest1_20.exe
c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll
c:\Documents and Settings\All Users\Application Data\Line 6\L6TWXG\L6TWXG.dll
c:\Documents and Settings\All Users\Application Data\Line 6\L6TWXG\data\twx\L6TWX.dll
c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
c:\Documents and Settings\kronos\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll
c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\1e71a7f5\00db1220_48eac701\NLog.DLL
c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\573ef35d\0070e32d_b0ebc701\NC.Logging.DLL
c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\573ef35d\b62ff3d4_1a40c801\NC.Logging.DLL
c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\f28527a5\00132dc9_b9ebc701\UnRar.Net.DLL
c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\f28527a5\3258dbd4_1a40c801\UnRar.Net.DLL
c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\fdb6c786\003eea69_eceec701\_Launcher.resources.DLL
c:\Documents and Settings\kronos\Local Settings\Application Data\assembly\dl3\8AJZEQNX.AX3\DZHXO8G1.TYR\fdb6c786\c456fad4_1a40c801\_Launcher.resources.DLL
****** Fin du rapport DiagHelp
Rapport de hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 02:18:40, on 21/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Soft4Ever\looknstop\looknstop.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Profiler\lwemon.exe
V:\Program Files\Nikon\NkbMonitor.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Razer\Copperhead\razertra.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\kronos\Bureau\Nouveau dossier\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [skyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\System32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1036
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [bDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [lphcc7bj0el8v] C:\WINDOWS\system32\lphcc7bj0el8v.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [steam] "C:\Jeux\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [infoproc] C:\WINDOWS\system32\kpglkxub.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = V:\Program Files\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = V:\Program Files\Nikon\NkbMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://V:\PROGRA~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.line6.net
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... .6.108.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 3663720312
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player ... taller.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{C193F000-A84E-4B7D-8BF8-C4660A10FB0E}: NameServer = 192.168.1.1
O18 - Protocol: bw+0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {DD3B0901-56E8-4EA8-8C2C-897A9B61D8C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: ActMntCmd - {3BEC3050-8B2F-5E91-FCBF-08891E626AE7} - C:\Program Files\eylqvab\ActMntCmd.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Windows Audio Server (Audios) - Unknown owner - c:\Recycle\svchost.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Window Image Worker (windownetpker) - Unknown owner - C:\Program Files\Internet Explorer\svchost.exe (file missing)