

Everything posted by mayie
-
I formatted everything correctly; anyway, I have just restarted, and I can activate!!! Thank you all, and good night to you!!! All the best, a thousand thanks.
-
Thanks everyone, I'm downloading KillDisk and I'm going to reinstall everything, as Bleuet tells me to, and I'll keep you posted... I'm doing it right away.
-
Thanks a lot, but tell me: on my own PC I have SP2 updated to SP3. Is there a way to copy the update directly onto a DVD to avoid downloading it? My original installation CD is XP Home SP2... If so, where is the "sp3" folder to burn so that I can reinstall it on my son's PC? It would save me time, if that were possible... Thanks for your answer.
-
What a pain, everything to reinstall again, it will take me hours... Isn't there another way, beforehand, to make sure there are no other Windows leftovers in the registry?? I see that in the WPAE EVENTS value I have a key "lastWPAEventlogged" .... etc. and an OOBETIMER key; on my PC, I don't have this "last wpaeventlogged" key, maybe that's a clue, no? I admit I'm demoralized right now, it takes so long: SP2, then the upgrade to SP3, etc. I have ADSL but deep in the countryside, it's slow, not much bandwidth to then download the updates. And GParted, what is it for? To format more thoroughly than with regular formatting? Thanks, I would have so liked to avoid redoing everything... Thanks Zonk.
-
Second message for Bleuet... I forgot to tell you: yes, when I installed my XP, it asked me for the code, there was no particular problem...
-
Thanks Bleuet, the hard drive wasn't new; a friend gave it to him, formatted it... and installed XP... with my installation CD... and so I took over from there. I tried to validate by phone, failure... then over the internet, failure... It tells me as if my XP were pirated, which is impossible... unless there was a pirated XP on the hard drive before, and there are leftovers in the registry? It even prevented the computer from restarting afterwards, and I had to reinstall my XP again and re-download all the drivers; I spent the night on it. I don't understand any of it, because I have always reinstalled his computer with my installation CD, on several occasions, and I never had a problem, and for good reason, since my XP is genuine!! I admit that now I'm a bit afraid to try validating again and have his PC blocked again, and to be forced to reinstall everything once more. How could I check in the registry? There is something that isn't clear or that surely wasn't erased properly... and when I compare my computer's registry with my son's, his has more lines... Thanks in advance, Bleuet, for your kindness.
-
Thanks Zonk, it's Windows XP SP3 and it's an automated answering system; I type my code on the phone,
-
Hi, thank you all. Here's the thing, I have a big problem: I had to change the hard drive on my son's PC, for the third time; in short, it's impossible to activate Windows, it refuses me by phone, telling me: wrong key!!! It's not possible that my key is wrong; I have already reinstalled Windows before and never had this problem, and besides it's my original installation CD, I'm sure of it. I would be very grateful if you could tell me what I can do; after all, you have often helped me out with this PC in various forums: security, hardware, etc... A thousand thanks.
-
(resolved) multiple unwanted pop-up windows
mayie replied to a topic by mayie in Malware analysis and removal
In any case, thanks for everything!! Everything is perfect!! Pear!
-
Thanks Thorgal; I get it, but I have a problem: it doesn't find my JPEGs, it tells me zero files, and for the "doc" files it tells me "manque convertisseur mswvrd632" even though I have the original Word 2000... What can I do?? Thanks Bleuet: but I have a problem, because I read the tutorials, but I can't manage to choose the options to exclude certain extensions, and I can't manage to set my USB key F as the destination source... If you ever have a very simple tutorial, because I'm far from being a pro!! Thanks again to both of you for your advice.
-
Thanks Thorgal, but I have just tried it: no doc documents show up, and the images show up as JPEG, but when I copy them the extension is gone and they are unusable. Is there a tutorial? Maybe I didn't tick everything properly? THANKS in advance!!
-
Hello, I hope I'm on the right forum! Here's the thing: a friend of mine has just passed away; I had letters (doc) that he had sent me, photos and images, and I had deleted some of them. Is there free software that can recover deleted data from the hard drive?? I tried "smart data recovery" but it doesn't find many of them, and my doc files end up saved as Unicode UTF-8; anyway, I don't know much about it... and can't use any of it. Thank you very much in advance for your help.
-
(resolved) multiple unwanted pop-up windows
mayie replied to a topic by mayie in Malware analysis and removal
Thanks, I confirm, my problem is fixed: no more unwanted pop-up windows. However, Pear, could you explain to me where my problem came from (a virus or something else) and how OTL was able to solve it?? Thanks in advance!! And well done...
-
(resolved) multiple unwanted pop-up windows
mayie replied to a topic by mayie in Malware analysis and removal
No, no, apparently it doesn't do it anymore, it seems to be resolved; I'll wait a little longer to be sure. Can you explain to me what was wrong? What was causing it?? THANK YOU VERY MUCH Pear, I'll keep you posted later this evening, but really, for now, it's great!!
-
(resolved) multiple unwanted pop-up windows
mayie replied to a topic by mayie in Malware analysis and removal
Sorry Pear, I must have forgotten the colon in front; here is the report:
Thanks, so what does that mean???
-
(resolved) multiple unwanted pop-up windows
mayie replied to a topic by mayie in Malware analysis and removal
Hi Pear, I did what you told me, re-ran OTL, so my computer restarted, and here is the report:
THANKS
-
(resolved) multiple unwanted pop-up windows
mayie replied to a topic by mayie in Malware analysis and removal
Hi Pear, I'm doing the procedure right away, I'm re-running OTL as instructed. In the meantime I re-ran GMER, which didn't stop this time, but it didn't show me a "finished" window, so I don't know whether what I saved can be analyzed; I'm passing it on to you. Thanks a lot, and I'll forward you the new OTL report.
IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3448] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A92E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3448] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A92C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3448] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A92C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe[3448] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A92C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\pointsoft\lanceur.exe[3488] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AB2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\pointsoft\lanceur.exe[3488] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AB2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\pointsoft\lanceur.exe[3488] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AB2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\pointsoft\lanceur.exe[3488] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AB2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) 
IAT C:\WINDOWS\msagent\AgentSvr.exe[3568] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009C2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\msagent\AgentSvr.exe[3568] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009C2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\msagent\AgentSvr.exe[3568] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009C2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\msagent\AgentSvr.exe[3568] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009C2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe[3592] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AC2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe[3592] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AC2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe[3592] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AC2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe[3592] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AC2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) 
IAT C:\Program Files\Microsoft Office\Office\WINWORD.EXE[3612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AC2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office\WINWORD.EXE[3612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AC2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office\WINWORD.EXE[3612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AC2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Program Files\Microsoft Office\Office\WINWORD.EXE[3612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AC2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\cidaemon.exe[3640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009C2E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\cidaemon.exe[3640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009C2C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\cidaemon.exe[3640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009C2C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\WINDOWS\system32\cidaemon.exe[3640] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009C2C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) 
IAT C:\Documents and Settings\martinez\Bureau\c9h7jogz.exe[5300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A52E70] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Documents and Settings\martinez\Bureau\c9h7jogz.exe[5300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A52C30] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Documents and Settings\martinez\Bureau\c9h7jogz.exe[5300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A52C50] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) IAT C:\Documents and Settings\martinez\Bureau\c9h7jogz.exe[5300] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A52C40] C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys@start 1 Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys@type 1 Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACcymruvdigafhabx.sys Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys@group file system Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACcymruvdigafhabx.sys Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACtuikkustwxwtdcs.dll Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacsr \\?\globalroot\systemroot\system32\UACixwbmuoqvklnwyf.dat Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uaclog \\?\globalroot\systemroot\system32\UACwqdiuoycxsyevne.dll Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacmask \\?\globalroot\systemroot\system32\UACufkhsebsebsajye.dll Reg 
HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacserf \\?\globalroot\systemroot\system32\UACvaejyvigbbyordp.dll Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacmal \\?\globalroot\systemroot\system32\UACljqyubqjbcafmyx.db Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacrem \\?\globalroot\systemroot\system32\UACbglqiwfjtnapcdv.dll Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacbbr \\?\globalroot\systemroot\system32\UAClexeqjbhsknmcpy.dll Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@UACproc \\?\globalroot\systemroot\system32\UACutoidlsfbjxywua.log Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacurls \\?\globalroot\systemroot\system32\UACsufwjvkhmyejhsf.log Reg HKLM\SYSTEM\ControlSet001\Services\UACd.sys\modules@uacerrors \\?\globalroot\systemroot\system32\UACtxlkyofrmxdcgru.log Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@start 1 Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@type 1 Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACcymruvdigafhabx.sys Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@group file system Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACcymruvdigafhabx.sys Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACtuikkustwxwtdcs.dll Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacsr \\?\globalroot\systemroot\system32\UACixwbmuoqvklnwyf.dat Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uaclog \\?\globalroot\systemroot\system32\UACwqdiuoycxsyevne.dll Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacmask \\?\globalroot\systemroot\system32\UACufkhsebsebsajye.dll Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacserf \\?\globalroot\systemroot\system32\UACvaejyvigbbyordp.dll Reg 
HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacmal \\?\globalroot\systemroot\system32\UACljqyubqjbcafmyx.db Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacrem \\?\globalroot\systemroot\system32\UACbglqiwfjtnapcdv.dll Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacbbr \\?\globalroot\systemroot\system32\UAClexeqjbhsknmcpy.dll Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@UACproc \\?\globalroot\systemroot\system32\UACutoidlsfbjxywua.log Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacurls \\?\globalroot\systemroot\system32\UACsufwjvkhmyejhsf.log Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacerrors \\?\globalroot\systemroot\system32\UACtxlkyofrmxdcgru.log Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@start 1 Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@type 1 Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACcymruvdigafhabx.sys Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@group file system Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACcymruvdigafhabx.sys Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACtuikkustwxwtdcs.dll Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacsr \\?\globalroot\systemroot\system32\UACixwbmuoqvklnwyf.dat Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uaclog \\?\globalroot\systemroot\system32\UACwqdiuoycxsyevne.dll Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacmask \\?\globalroot\systemroot\system32\UACufkhsebsebsajye.dll Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacserf \\?\globalroot\systemroot\system32\UACvaejyvigbbyordp.dll Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacmal \\?\globalroot\systemroot\system32\UACljqyubqjbcafmyx.db Reg 
HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacrem \\?\globalroot\systemroot\system32\UACbglqiwfjtnapcdv.dll Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacbbr \\?\globalroot\systemroot\system32\UAClexeqjbhsknmcpy.dll Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@UACproc \\?\globalroot\systemroot\system32\UACutoidlsfbjxywua.log Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacurls \\?\globalroot\systemroot\system32\UACsufwjvkhmyejhsf.log Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacerrors \\?\globalroot\systemroot\system32\UACtxlkyofrmxdcgru.log Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@start 1 Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@type 1 Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACcymruvdigafhabx.sys Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@group file system Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACcymruvdigafhabx.sys Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACtuikkustwxwtdcs.dll Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacsr \\?\globalroot\systemroot\system32\UACixwbmuoqvklnwyf.dat Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uaclog \\?\globalroot\systemroot\system32\UACwqdiuoycxsyevne.dll Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacmask \\?\globalroot\systemroot\system32\UACufkhsebsebsajye.dll Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacserf \\?\globalroot\systemroot\system32\UACvaejyvigbbyordp.dll Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacmal \\?\globalroot\systemroot\system32\UACljqyubqjbcafmyx.db Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacrem \\?\globalroot\systemroot\system32\UACbglqiwfjtnapcdv.dll Reg 
HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacbbr \\?\globalroot\systemroot\system32\UAClexeqjbhsknmcpy.dll Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@UACproc \\?\globalroot\systemroot\system32\UACutoidlsfbjxywua.log Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacurls \\?\globalroot\systemroot\system32\UACsufwjvkhmyejhsf.log Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacerrors \\?\globalroot\systemroot\system32\UACtxlkyofrmxdcgru.log Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys@start 1 Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys@type 1 Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACcymruvdigafhabx.sys Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys@group file system Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACcymruvdigafhabx.sys Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACtuikkustwxwtdcs.dll Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacsr \\?\globalroot\systemroot\system32\UACixwbmuoqvklnwyf.dat Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uaclog \\?\globalroot\systemroot\system32\UACwqdiuoycxsyevne.dll Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacmask \\?\globalroot\systemroot\system32\UACufkhsebsebsajye.dll Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacserf \\?\globalroot\systemroot\system32\UACvaejyvigbbyordp.dll Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacmal \\?\globalroot\systemroot\system32\UACljqyubqjbcafmyx.db Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacrem \\?\globalroot\systemroot\system32\UACbglqiwfjtnapcdv.dll Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacbbr \\?\globalroot\systemroot\system32\UAClexeqjbhsknmcpy.dll Reg 
HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@UACproc \\?\globalroot\systemroot\system32\UACutoidlsfbjxywua.log Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacurls \\?\globalroot\systemroot\system32\UACsufwjvkhmyejhsf.log Reg HKLM\SYSTEM\ControlSet006\Services\UACd.sys\modules@uacerrors \\?\globalroot\systemroot\system32\UACtxlkyofrmxdcgru.log ---- Disk sectors - GMER 1.0.15 ---- Disk \Device\Harddisk0\DR0 sector 10: copy of MBR ---- EOF - GMER 1.0.15 ---- -
(resolved) multiple unwanted pop-up windows
mayie replied to a topic by mayie in Malware analysis and removal
Hello Pear, sorry, I had to step away yesterday afternoon, and this morning I'm getting back to work!! Thanks for your advice, but it's impossible to run a scan with GMER: it gets interrupted by an unwanted "accueil windows live" window and then it stops; I unchecked the boxes as instructed, but still the same problem. Here is the OTL result:
Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (ST) - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll () O2 - BHO: (MSNToolBandBHO) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. 
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found. O3 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\Toolbar\ShellBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\Toolbar\WebBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\Toolbar\WebBrowser: (&Liens) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\Toolbar\WebBrowser: (MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll 
(Microsoft Corporation) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe (VIA Technologies, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [farstone] File not found O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.) O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam10\QuickCam10.exe () O4 - HKLM..\Run: [synchronization Manager] C:\WINDOWS\System32\mobsync.exe (Microsoft Corporation) O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.) O4 - HKLM..\Run: [VTTrayp] C:\WINDOWS\System32\VTTrayp.exe (S3 Graphics Co., Ltd.) O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop 
Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.) O4 - Startup: C:\Documents and Settings\martinez\Menu Démarrer\Programmes\Démarrage\Lanceur Pointsoft.lnk = C:\pointsoft\lanceur.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program 
Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft 
Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O15 - HKU\S-1-5-21-2494012823-2727186442-3415538474-1006\..Trusted Domains: orange.fr ([webmail22] http in Sites de confiance) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242959149750 (WUWebControl Class) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook 
Photo Uploader 5 Control) O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://config.zebulon.fr/plugins/MaConfig_4_1_0_2.cab ("Ma-Config.com control) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab (MsnMessengerSetupDownloadControl Class) O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab (AdSignerLCContrl Class) O16 - DPF: {C1BAC744-8F0B-11D0-89E7-00C0A8295197} http://www.crtvg.es/camweb/camera.cab (Cameractl Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.) 
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - 
Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml 
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - 
Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation) O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Pré-chargeur Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Démon de cache des catégories de composant - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop 
Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\martinez\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\martinez\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/01/04 14:27:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{65b0ce85-1f90-11de-bb10-0013d3a2577b}\Shell - "" = AutoRun O33 - MountPoints2\{65b0ce85-1f90-11de-bb10-0013d3a2577b}\Shell\AutoRun\command - "" = E:\VFPcAssistant.exe -- File not found O33 - MountPoints2\{65b0ce8a-1f90-11de-bb10-0013d3a2577b}\Shell - "" = AutoRun O33 - MountPoints2\{65b0ce8a-1f90-11de-bb10-0013d3a2577b}\Shell\AutoRun\command - "" = E:\VFPcAssistant.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile 
[open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* CREATERESTOREPOINT Restore point Set: OTL Restore Point (59967780790730752) ========== Files/Folders - Created Within 30 Days ========== [2010/10/10 06:59:58 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\martinez\Bureau\OTL.scr [2010/10/09 10:58:01 | 000,000,000 | ---D | C] -- C:\Program Files\backups [2010/10/09 06:33:55 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe [2010/10/08 06:42:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\martinez\Recent [2010/10/02 07:31:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Mes vidéos [2010/09/26 12:58:44 | 000,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2010/09/26 12:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\WMV9_VCM [2010/09/25 21:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martinez\Application Data\PriceGong [2010/09/25 21:10:20 | 003,094,759 | ---- | C] (Ankama Games) -- C:\Documents and Settings\martinez\Bureau\setupDofus2.exe [2010/09/16 08:31:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martinez\Mes documents\DivX Movies [2010/09/16 01:27:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martinez\Application Data\DivX [2010/09/16 01:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee.com [2010/09/16 01:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DVD Shrink [2010/09/16 01:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Comodo [2010/09/16 01:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU [2010/09/16 01:22:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX [2010/09/16 01:21:21 | 000,000,000 | 
Thank you!!
-
(solved) multiple unwanted pop-up windows
mayie replied to a topic by mayie in Malware analysis and removal
Thank you Pear, I did as you told me, but I still have windows opening on their own; so, in your opinion, is my HijackThis report OK? If so, maybe I have another problem..
-
(solved) multiple unwanted pop-up windows
mayie posted a topic in Malware analysis and removal
Please analyse my HijackThis report below; unwanted windows open at any moment, and my antivirus detects no virus, and neither does Malwarebytes..
-
Thanks Serge83, I did all the steps you indicated, but I could not restart the PC; nothing loads.. I checked all the internal connections, everything looks OK (you never know, I might have unplugged or moved a connector)?? Where could it be coming from, do you have any idea?? I don't get it. I should point out that the PC stays powered on... but nothing happens other than it starting up, and nothing loads; it makes no abnormal beeps, apart from two beeps when I switch it back on after turning it off completely, which I think are the power-on beeps. I don't know whether it's the motherboard, the hard drive, the video card or something else. Thanks in advance for your advice... because I'm swimming in uncertainty..
-
Hello Serge, I did what you indicated, and it's the same: still no Windows loading, and no display; I don't understand at all. Yesterday the peripherals were working, but now none of them work any more, except the keyboard... I'm in a real mess. Maybe I shouldn't have removed the motherboard battery.. I'll test again in a moment.. Thanks a lot for your help
-
Re, thanks Thorgal, but safe mode is impossible, and besides I can't see anything on the screen; I left the PC unplugged all night, removed the motherboard battery, and this morning Windows no longer loads, I fear the worst.... I'll try to restart again in a little while...
-
Hi, thanks for your reply, Thorgal! I forgot to mention that, unfortunately, the DVD drive no longer opens.. so I can't insert installation CDs... Windows loads, the sound too, and you think it could come from the hard drive? And how do I set it as slave?? The keyboard also responds... USB stick too, all the peripherals except the mouse, screen and DVD drive.. what do you think?? A thousand thanks..
-
Hello, So, I have yet another problem with my son's PC: he was playing a very well-known online game and suddenly the screen went black, nothing at all. In short, he unplugged everything. Since yesterday I've been trying to restart it, but in vain: the screen stays in standby (orange light on); for a fraction of a second it goes green, but then straight back to standby, so I can't do anything. Windows loads, I can hear the sound. I'll add that when I restart it there are two very short beeps (I never paid attention to whether it did that before). What can I do to find out where the fault comes from? Note that the screen works on my other PC, so it's not the cause. Thanks in advance for your replies. Here is the config:

Résumé
Informations générales
Version du plugin 4.1.0.3
Version de la base 15
Date de la détection 29/06/2010 20:24
Nom de la machine martinez-c19820
Modules
Système d'exploitation Windows XP Edition familliale (build 2600) Service Pack 3
Navigateur web par défaut: Internet Explorer
Client e-mail par défaut:
Antivirus: AntiVir Desktop 9.0.1.32
Carte mère SMBios version 2.3 ASUSTeK Computer INC. A7N8X-LA Rev 1.xx
Bios: American Megatrends Inc. 3.03 06/27/2003 taille: 512Kb
Chipset Northbridge: NVIDIA nForce2 400 Southbridge: NVIDIA nForce2 MCP
Processeur AMD Athlon XP Thoroughbred Socket A (462) (@0.13 um) -1 Mhz ( L1I: 64 Ko, L1D: 64 Ko, L2: 256 Ko )
Mémoire Mémoire physique totale: 256 Mo, Type: DDR, @166.4MHz, 2.5-3-3-7--1T DDR Samsung M3 68L3223DTM-CB3 256 Mo PC2700 (166 Mhz)
Carte Graphique RADEON 9200 RADEON 9200 - Secondary
Périphériques IDE WDC WD1600AAJB-00J3A0 01.03E01 (ATA, 149.05 Go, tampon: 8 Mo)
Lecteurs CD/DVD TSSTcorpCDDVDW SH-S202N SB01 (DVD-R/DL sequential recording Recorder)
Disque dur WDC WD1600AAJB-00J3A0
Cartes PCI/AGP
Stockage nVidia Corporation:nForce2 IDE:
Réseau nVidia Corporation:nForce2 Ethernet Controller: A7N8X Mainboard onboard nForce2 Ethernet
Affichage ATI Technologies Inc:RV280 [Radeon 9200]: ATI Technologies Inc:RV280 [Radeon 9200] (Secondary):
Multimedia nVidia Corporation:nForce2 AC97 Audio Controler (MCP): nForce2 AC97 Audio Controler (MCP)
Mémoires nVidia Corporation:nForce2 Memory Controller 0: nVidia Corporation:nForce2 Memory Controller 4: nVidia Corporation:nForce2 Memory Controller 3: nVidia Corporation:nForce2 Memory Controller 2: nVidia Corporation:nForce2 Memory Controller 5:
Ponts nVidia Corporation:nForce2 IGP2: nVidia Corporation:nForce2 ISA Bridge: A7N8X Mainboard nVidia Corporation:nForce2 External PCI Bridge nVidia Corporation:nForce2 AGP Bus Series nVidia Corporation:nForce2 SMBus (MCP): nVidia Corporation:nForce2 USB Controller: nVidia Corporation:nForce2 USB Controller: nVidia Corporation:nForce2 USB Controller: nVidia Corporation:nForce2 FireWire (IEEE 1394) Controller:
Périphérique USB
Logitech, Inc. LX710 Cordless Desktop Laser (Périphérique USB composite)
Logitech, Inc. LX710 Cordless Desktop Laser (Périphérique d'interface utilisateur USB)
Logitech, Inc. LX710 Cordless Desktop Laser (Périphérique d'interface utilisateur USB)
Guillemot Corp. Hercules Wireless G ultra-mini USB (Hercules Wireless G ultra-mini USB)
Clavier Périphérique clavier PIH
Souris Souris Logitech sur port PS/2 Souris HID
Ecran(s) Écran Plug-and-Play