Aller au contenu

Colonel Klinck

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    39

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par Colonel Klinck

  1. Colonel Klinck
    Et voici le rapport MBAM au passage je signale qu'au redémarrage de l'ordi il s'affiche désormais qu'un certains nombre de programmes (29 en tout) de démarrage sont bloqués. Malwarebytes' Anti-Malware 1.43 Version de la base de données: 3486 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18865 03/01/2010 14:03:41 mbam-log-2010-01-03 (14-03-41).txt Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|) Eléments examinés: 284102 Temps écoulé: 1 hour(s), 2 minute(s), 17 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 3 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Users\Stéphane\Local Settings\Application Data\ogkug_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Users\Stéphane\Local Settings\Application Data\ogkug_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Users\Stéphane\Local Settings\Application Data\ogkug.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
  2. Colonel Klinck
    Voici le contenu log.txt : Logfile of random's system information tool 1.06 (written by random/random) Run by Pascale at 2010-01-03 12:15:45 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 System drive C: has 384 GB (82%) free of 469 GB Total RAM: 3071 MB (56% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:16:22, on 03/01/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18865) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Windows\System32\rundll32.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Windows\System32\ServoApp.exe C:\Program Files\MFP Server\App\Common\MFPAgent.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\DartyBox_v3\Sagem\AssistantDB\AssistantDB_Sagem.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\schtasks.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Windows\system32\conime.exe C:\hp\kbd\kbd.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Pascale\Downloads\RSIT.exe C:\Users\Pascale\Downloads\Pascale.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dartybox.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateReg] "C:\Windows\system32\jureg.exe" O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [MFP Manager] C:\Program Files\MFP Server\MFPAgent.exe -CheckAutoRun O4 - HKLM\..\Run: [server Application] C:\Windows\system32\ServoApp.exe O4 - HKLM\..\Run: [GDI Manager] "C:\Program Files\MFP Server\App\Common\MFPAgent.exe" O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\Windows\TEMP\E_S5F8.tmp" /EF "HKCU" O4 - HKCU\..\Run: [Assistant DartyBox] C:\Program Files\DartyBox_v3\Sagem\AssistantDB\AssistantDB_Sagem.exe -m O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype add-on - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: BitDefender Serveur Arrakis (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- End of file - 12900 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Norton Security Scan for Stéphane.job C:\Windows\tasks\User_Feed_Synchronization-{8CE74A13-F8C7-4AEE-8B9B-3D07B1273DF9}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL [2006-08-18 624168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-08 263280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-05 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll [2009-11-18 128832] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-08 263280] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536] "KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536] "OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440] "CCUTRAYICON"=FactoryMode [] "HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-05-24 71176] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048] "SunJavaUpdateReg"=C:\Windows\system32\jureg.exe [2007-04-07 54936] "HP Software Update"=c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152] "Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048] "NvSvc"=C:\Windows\system32\nvsvc.dll [2007-08-28 86016] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-08-28 8473120] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-08-28 81920] "LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-12-20 2656528] "MFP Manager"=C:\Program Files\MFP Server\MFPAgent.exe -CheckAutoRun [] "Server Application"=C:\Windows\system32\ServoApp.exe [2007-05-20 417792] "GDI Manager"=C:\Program Files\MFP Server\App\Common\MFPAgent.exe [2008-05-06 741376] "BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe [2009-11-18 71152] "BDAgent"=C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe [2009-12-16 1118144] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"=C:\Windows\SMINST\launcher.exe [2007-04-03 44168] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "HPADVISOR"=C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2007-06-01 1783400] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-16 39408] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2007-03-16 25268264] "EPSON Stylus SX400 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE [2007-12-17 188928] "Assistant DartyBox"=C:\Program Files\DartyBox_v3\Sagem\AssistantDB\AssistantDB_Sagem.exe [2009-04-09 4665856] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0af5db2a-7e06-11dc-97d2-806e6f6e6963}] shell\AutoRun\command - E:\autorun.exe ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-01-03 12:15:45 ----D---- C:\rsit 2009-12-25 15:03:38 ----D---- C:\Program Files\Windows Portable Devices 2009-12-25 13:25:12 ----A---- C:\Windows\system32\UIAnimation.dll 2009-12-25 13:25:11 ----A---- C:\Windows\system32\UIRibbonRes.dll 2009-12-25 13:25:11 ----A---- C:\Windows\system32\UIRibbon.dll 2009-12-25 13:24:32 ----A---- C:\Windows\system32\WMPhoto.dll 2009-12-25 13:24:31 ----A---- C:\Windows\system32\cdd.dll 2009-12-25 13:24:29 ----A---- C:\Windows\system32\XpsRasterService.dll 2009-12-25 13:24:29 ----A---- C:\Windows\system32\XpsGdiConverter.dll 2009-12-25 13:24:29 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2009-12-25 13:24:29 ----A---- C:\Windows\system32\WindowsCodecs.dll 2009-12-25 13:24:29 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll 2009-12-25 13:24:29 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll 2009-12-25 13:24:29 ----A---- C:\Windows\system32\dxdiagn.dll 2009-12-25 13:24:29 ----A---- C:\Windows\system32\d3d10warp.dll 2009-12-25 13:24:29 ----A---- C:\Windows\system32\d2d1.dll 2009-12-25 13:24:28 ----A---- C:\Windows\system32\xpsservices.dll 2009-12-25 13:24:28 ----A---- C:\Windows\system32\XpsPrint.dll 2009-12-25 13:24:28 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe 2009-12-25 13:24:28 ----A---- C:\Windows\system32\OpcServices.dll 2009-12-25 13:24:28 ----A---- C:\Windows\system32\FntCache.dll 2009-12-25 13:24:28 ----A---- C:\Windows\system32\dxdiag.exe 2009-12-25 13:24:27 ----A---- C:\Windows\system32\dxgi.dll 2009-12-25 13:24:27 ----A---- C:\Windows\system32\DWrite.dll 2009-12-25 13:24:27 ----A---- C:\Windows\system32\d3d11.dll 2009-12-25 13:24:27 ----A---- C:\Windows\system32\d3d10level9.dll 2009-12-25 13:24:27 ----A---- C:\Windows\system32\d3d10core.dll 2009-12-25 13:24:27 ----A---- C:\Windows\system32\d3d10_1core.dll 2009-12-25 13:24:27 ----A---- C:\Windows\system32\d3d10_1.dll 2009-12-25 13:24:27 ----A---- C:\Windows\system32\d3d10.dll 2009-12-25 13:23:43 ----A---- C:\Windows\system32\WPDShextAutoplay.exe 2009-12-25 13:23:43 ----A---- C:\Windows\system32\wpdbusenum.dll 2009-12-25 13:23:43 ----A---- C:\Windows\system32\BthMtpContextHandler.dll 2009-12-25 13:23:31 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll 2009-12-25 13:23:29 ----A---- C:\Windows\system32\wpdshext.dll 2009-12-25 13:23:28 ----A---- C:\Windows\system32\WPDSp.dll 2009-12-25 13:23:28 ----A---- C:\Windows\system32\WPDShServiceObj.dll 2009-12-25 13:23:28 ----A---- C:\Windows\system32\wpd_ci.dll 2009-12-25 13:23:28 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll 2009-12-25 13:23:28 ----A---- C:\Windows\system32\PortableDeviceTypes.dll 2009-12-25 13:23:28 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll 2009-12-25 13:23:28 ----A---- C:\Windows\system32\PortableDeviceApi.dll 2009-12-25 13:22:27 ----A---- C:\Windows\system32\oleaccrc.dll 2009-12-25 13:22:26 ----A---- C:\Windows\system32\UIAutomationCore.dll 2009-12-25 13:22:26 ----A---- C:\Windows\system32\oleacc.dll 2009-12-25 13:19:53 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll 2009-12-25 13:19:53 ----A---- C:\Windows\system32\Apphlpdm.dll 2009-12-25 13:19:35 ----A---- C:\Windows\system32\wmp.dll 2009-12-25 13:19:32 ----A---- C:\Windows\system32\unregmp2.exe 2009-12-25 13:19:28 ----A---- C:\Windows\system32\wmploc.DLL 2009-12-22 13:02:58 ----D---- C:\Program Files\Microsoft Sync Framework 2009-12-22 13:00:44 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition 2009-12-22 12:59:37 ----D---- C:\Program Files\Microsoft 2009-12-22 12:59:24 ----D---- C:\Program Files\Windows Live SkyDrive 2009-12-12 20:53:33 ----A---- C:\Windows\system32\nshhttp.dll 2009-12-12 20:53:30 ----A---- C:\Windows\system32\httpapi.dll 2009-12-10 21:42:50 ----A---- C:\Windows\system32\winhttp.dll 2009-12-10 21:42:48 ----A---- C:\Windows\system32\mshtml.dll 2009-12-10 21:42:47 ----A---- C:\Windows\system32\wininet.dll 2009-12-10 21:42:47 ----A---- C:\Windows\system32\urlmon.dll 2009-12-10 21:42:47 ----A---- C:\Windows\system32\occache.dll 2009-12-10 21:42:47 ----A---- C:\Windows\system32\msfeeds.dll 2009-12-10 21:42:47 ----A---- C:\Windows\system32\iertutil.dll 2009-12-10 21:42:47 ----A---- C:\Windows\system32\ieframe.dll 2009-12-10 21:42:46 ----A---- C:\Windows\system32\msfeedssync.exe 2009-12-10 21:42:46 ----A---- C:\Windows\system32\msfeedsbs.dll 2009-12-10 21:42:46 ----A---- C:\Windows\system32\jsproxy.dll 2009-12-10 21:42:46 ----A---- C:\Windows\system32\ieUnatt.exe 2009-12-10 21:42:46 ----A---- C:\Windows\system32\ieui.dll 2009-12-10 21:42:46 ----A---- C:\Windows\system32\iesysprep.dll 2009-12-10 21:42:46 ----A---- C:\Windows\system32\iesetup.dll 2009-12-10 21:42:46 ----A---- C:\Windows\system32\iernonce.dll 2009-12-10 21:42:46 ----A---- C:\Windows\system32\iepeers.dll 2009-12-10 21:42:46 ----A---- C:\Windows\system32\iedkcs32.dll 2009-12-10 21:42:46 ----A---- C:\Windows\system32\ie4uinit.exe 2009-12-10 21:42:26 ----A---- C:\Windows\system32\rastls.dll 2009-12-07 18:24:16 ----A---- C:\bdlog.txt ======List of files/folders modified in the last 1 months====== 2010-01-03 12:16:08 ----D---- C:\Windows\Prefetch 2010-01-03 12:15:28 ----D---- C:\Windows\Temp 2010-01-03 12:01:30 ----D---- C:\Users\Pascale\AppData\Roaming\Skype 2010-01-03 11:59:54 ----D---- C:\Windows\SMINST 2009-12-31 22:04:55 ----D---- C:\ProgramData\Spybot - Search & Destroy 2009-12-31 21:03:24 ----D---- C:\Windows\system32\Tasks 2009-12-31 20:18:49 ----D---- C:\Windows\System32 2009-12-31 14:10:13 ----D---- C:\Windows\Debug 2009-12-31 14:10:13 ----D---- C:\Windows 2009-12-31 12:07:18 ----SHD---- C:\System Volume Information 2009-12-26 15:29:24 ----RD---- C:\Program Files 2009-12-26 15:29:24 ----D---- C:\ProgramData\NOS 2009-12-26 15:29:10 ----SD---- C:\Windows\Downloaded Program Files 2009-12-25 15:21:40 ----D---- C:\Windows\rescache 2009-12-25 15:16:55 ----D---- C:\Windows\winsxs 2009-12-25 15:13:14 ----D---- C:\Windows\inf 2009-12-25 15:13:14 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-12-25 15:06:31 ----D---- C:\Windows\system32\catroot 2009-12-25 15:05:27 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-12-25 15:03:39 ----D---- C:\Windows\system32\fr-FR 2009-12-25 15:03:38 ----D---- C:\Windows\system32\wbem 2009-12-25 15:03:38 ----D---- C:\Windows\system32\drivers 2009-12-25 15:03:37 ----D---- C:\Windows\system32\zh-TW 2009-12-25 15:03:37 ----D---- C:\Windows\system32\zh-HK 2009-12-25 15:03:37 ----D---- C:\Windows\system32\zh-CN 2009-12-25 15:03:37 ----D---- C:\Windows\system32\uk-UA 2009-12-25 15:03:37 ----D---- C:\Windows\system32\tr-TR 2009-12-25 15:03:37 ----D---- C:\Windows\system32\th-TH 2009-12-25 15:03:37 ----D---- C:\Windows\system32\sv-SE 2009-12-25 15:03:37 ----D---- C:\Windows\system32\sr-Latn-CS 2009-12-25 15:03:37 ----D---- C:\Windows\system32\sl-SI 2009-12-25 15:03:37 ----D---- C:\Windows\system32\sk-SK 2009-12-25 15:03:37 ----D---- C:\Windows\system32\ru-RU 2009-12-25 15:03:37 ----D---- C:\Windows\system32\ro-RO 2009-12-25 15:03:37 ----D---- C:\Windows\system32\pt-PT 2009-12-25 15:03:37 ----D---- C:\Windows\system32\pt-BR 2009-12-25 15:03:37 ----D---- C:\Windows\system32\pl-PL 2009-12-25 15:03:37 ----D---- C:\Windows\system32\nl-NL 2009-12-25 15:03:37 ----D---- C:\Windows\system32\nb-NO 2009-12-25 15:03:37 ----D---- C:\Windows\system32\lv-LV 2009-12-25 15:03:37 ----D---- C:\Windows\system32\lt-LT 2009-12-25 15:03:37 ----D---- C:\Windows\system32\ko-KR 2009-12-25 15:03:37 ----D---- C:\Windows\system32\ja-JP 2009-12-25 15:03:37 ----D---- C:\Windows\system32\it-IT 2009-12-25 15:03:37 ----D---- C:\Windows\system32\hu-HU 2009-12-25 15:03:37 ----D---- C:\Windows\system32\hr-HR 2009-12-25 15:03:37 ----D---- C:\Windows\system32\he-IL 2009-12-25 15:03:37 ----D---- C:\Windows\system32\fi-FI 2009-12-25 15:03:37 ----D---- C:\Windows\system32\et-EE 2009-12-25 15:03:37 ----D---- C:\Windows\system32\es-ES 2009-12-25 15:03:37 ----D---- C:\Windows\system32\en-US 2009-12-25 15:03:37 ----D---- C:\Windows\system32\el-GR 2009-12-25 15:03:37 ----D---- C:\Windows\system32\de-DE 2009-12-25 15:03:37 ----D---- C:\Windows\system32\da-DK 2009-12-25 15:03:37 ----D---- C:\Windows\system32\cs-CZ 2009-12-25 15:03:37 ----D---- C:\Windows\system32\bg-BG 2009-12-25 15:03:37 ----D---- C:\Windows\system32\ar-SA 2009-12-25 15:03:36 ----D---- C:\Windows\AppPatch 2009-12-25 15:03:36 ----D---- C:\Program Files\Windows Media Player 2009-12-25 15:03:36 ----D---- C:\Program Files\Windows Mail 2009-12-25 15:03:36 ----D---- C:\Program Files\Internet Explorer 2009-12-25 13:24:58 ----D---- C:\Windows\system32\catroot2 2009-12-25 12:57:48 ----SD---- C:\Users\Pascale\AppData\Roaming\Microsoft 2009-12-23 18:01:49 ----D---- C:\Program Files\Common Files\Symantec Shared 2009-12-22 19:00:45 ----SHD---- C:\Windows\Installer 2009-12-22 13:42:46 ----D---- C:\Windows\Microsoft.NET 2009-12-22 13:42:26 ----RSD---- C:\Windows\assembly 2009-12-22 13:03:53 ----D---- C:\Program Files\Windows Live 2009-12-22 13:03:33 ----D---- C:\Windows\Tasks 2009-12-22 13:02:41 ----SD---- C:\ProgramData\Microsoft 2009-12-12 20:07:54 ----D---- C:\Windows\system32\migration ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver; C:\Windows\system32\DRIVERS\BdfNdisf6.sys [2009-11-18 72200] R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2009-12-07 118536] R2 ALIWEHCD;MFP Server Enhanced Controller; C:\Windows\System32\Drivers\mfpec.sys [2007-05-06 34944] R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys [2009-11-18 83208] R3 BDFM;BDFM; C:\Windows\system32\DRIVERS\bdfm.sys [2009-12-16 152456] R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-14 218752] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-11 1793880] R3 LVPr2Mon;LVPr2Mon Driver; C:\Windows\system32\Drivers\LVPr2Mon.sys [2008-12-16 25624] R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-12-17 768024] R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-12-17 41752] R3 LVUVC;Logitech QuickCam E3500(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2008-12-17 6364440] R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2008-02-26 493568] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-08-28 7574976] R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] R3 WUSBVBus;MFP Server Detector; C:\Windows\system32\DRIVERS\mfpvbus.sys [2006-10-20 10240] S3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys [2009-11-18 54912] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys [2009-08-27 14720] S3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys [2009-05-07 39808] S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2005-05-26 21344] S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2005-05-26 38144] S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2005-06-24 39036] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AlertService;Intel® Alert Service; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [2006-09-11 188416] R2 DQLWinService;DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896] R2 HPBtnSrv;HP Chasis Button Service; c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136] R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2009-12-16 309088] R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048] R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-12-16 150040] R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-26 554352] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe [2009-11-18 1622320] S2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-05-24 61440] S2 ISSM;Intel® Software Services Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [2006-09-11 75264] S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon [] S2 M1 Server;Intel® Viiv Media Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [2006-08-31 26624] S2 MCLServiceATL;Intel® Application Tracker; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [2006-09-11 167936] S2 Remote UI Service;Intel® Remoting Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [2006-09-11 544256] S3 Arrakis3;BitDefender Serveur Arrakis; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2009-11-18 183880] S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-03-03 69120] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-02 182768] S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664] S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-05-11 887544] S3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-19 21504] S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-05-03 74656] -----------------EOF----------------- Et voici le contenu info.txt : info.txt logfile of random's system information tool 1.06 2010-01-03 12:16:25 ======Uninstall list====== Heroes of Might and Magic III Armageddon's Blade-->C:\Windows\IsUninst.exe -f"C:\Program Files\3DO\Heroes3\UnBlade.isu" -c"C:\Program Files\3DO\Heroes3\unblade.dll ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07} ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E} Adobe Acrobat Reader 3.01-->C:\Windows\unin040c.exe -fC:\Acrobat3\Reader\DeIsL1.isu Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003} Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} BitDefender Total Security 2010-->MsiExec.exe /X{6F405629-20D8-45FD-A95F-D198BAF9881A} Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{42EDF895-158C-484E-A7F2-42B90759F281}\SETUP.EXE" -l0x40c UNINST CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.90.1262\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=200 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.90" /clone_wait /hide_progress Command & Conquer Alerte Rouge 2-->C:\Westwood\AR2\Uninstll.EXE Command && Conquer Alerte Rouge 2 : la revanche de Youri-->C:\Westwood\AR2\Uninstll.EXE Composants Internet Partagés de Westwood-->C:\Westwood\Internet\UnstllAP.EXE DartyBox-->C:\Program Files\InstallShield Installation Information\{4A975AC1-1E5B-43B7-B42B-6E617B39C936}\setup.exe -runfromtemp -l0x040c -removeonly Dofus 1.22.0-->C:\Program Files\Dofus\uninstall.exe eMule-->"C:\Program Files\eMule\Uninstall.exe" EPSON Attach To Email-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}\SETUP.EXE" -l0x40c UNINST EPSON File Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{46CBBDF8-55B5-40DB-B459-7B848394309C}\Setup.exe" -l0x40c UNINST EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r EPSON Stylus SX200_SX400_TX200_TX400 Manuel-->C:\Program Files\EPSON\TPMANUAL\ES_SX_TX\FRA\USE_G\DOCUNINS.EXE EPSON Stylus SX400 Series Printer Uninstall-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSEGE.EXE /R /APD /P:"EPSON Stylus SX400 Series" Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Heroes of Might and Magic® III The Shadow of Death-->C:\Windows\IsUn040c.exe -f"C:\Program Files\3DO\Heroes3\Uninst.isu" -c"C:\Program Files\3DO\Heroes3\uninst.dll HijackThis 2.0.2-->"C:\Users\Pascale\Downloads\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" HP Active Support Library 32 bit components-->MsiExec.exe /I{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6} HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}\setup.exe -runfromtemp -l0x0409 HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC} HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly HP On-Screen Cap/Num/Scroll Lock Indicator-->C:\Windows\system32\OsdRemove.exe HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B} HP Total Care Advisor-->MsiExec.exe /X{0DDA7620-4F8B-43B3-8828-CA5EE292FA3B} HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134} HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367} Icewind Dale II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{588C135F-0B15-4A02-8F2D-04697BE2904E}\setup.exe" -l0x40c Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Intel® Network Connections Drivers-->Prounstl.exe Java 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF} Java SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Les Sims™ 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x040c -removeonly LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8} Logiciel Intel® Viiv™-->MsiExec.exe /X{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B} /qb! Logitech QuickCam-->MsiExec.exe /I{937B232D-9776-471E-92BD-D424E514EF14} Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C} Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} muvee autoProducer 6.0-->C:\Program Files\InstallShield Installation Information\{775B9052-3517-47FA-817D-1BB28363D43A}\setup.exe -runfromtemp -l0x040c -removeonly Norton Security Scan-->C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.3.0.44\InstStub.exe /X NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Outils de diagnostic du matériel-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe" Photorécit 3 pour Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E} Python 2.5-->MsiExec.exe /I{0A2C5854-557E-48C8-835A-3B9F074BDCAA} Realtek High Definition Audio Driver-->RtlUpd.exe -r -m Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} Roxio Creator Audio-->MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82} Roxio Creator Basic v9-->MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C} Roxio Creator Copy-->MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} Roxio Creator Data-->MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87} Roxio Creator EasyArchive-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B} Roxio Creator Tools-->MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF} Roxio Express Labeler 3-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Roxio MyDVD Basic v9-->MsiExec.exe /X{938B1CD7-7C60-491E-AA90-1F1888168240} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Skype 3.1-->"C:\Program Files\Skype\Phone\unins000.exe" Skype add-on for IE-->rundll32 "C:\Program Files\Skype\Phone\IEPlugin\SkypeIEPlugin.dll",FriendlyUnregisterServer 0 Skype Plugin Manager-->MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03} Solution de clavier multimédia amélioré-->C:\HP\KBD\Install.exe /u Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Version de démonstration de Microsoft Office Home and Student 2007-->c:\hp\bin\MSOffice\uninst2.cmd Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA} ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AS: Windows Defender (disabled) ======System event log====== Computer Name: PC-de-Stéphane Event Code: 4376 Message: Servicing a requis un redémarrage pour terminer la définition du package KB948610(Update) à l’état Installation demandée(Install Requested) Record Number: 180085 Source Name: Microsoft-Windows-Servicing Time Written: 20090815121925.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Stéphane Event Code: 4376 Message: Servicing a requis un redémarrage pour terminer la définition du package KB948610(Update) à l’état Installation demandée(Install Requested) Record Number: 180053 Source Name: Microsoft-Windows-Servicing Time Written: 20090815121925.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Stéphane Event Code: 4376 Message: Servicing a requis un redémarrage pour terminer la définition du package KB948610(Update) à l’état Installation demandée(Install Requested) Record Number: 180048 Source Name: Microsoft-Windows-Servicing Time Written: 20090815121925.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Stéphane Event Code: 4376 Message: Servicing a requis un redémarrage pour terminer la définition du package KB948610(Update) à l’état Installation demandée(Install Requested) Record Number: 180045 Source Name: Microsoft-Windows-Servicing Time Written: 20090815121925.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Stéphane Event Code: 4376 Message: Servicing a requis un redémarrage pour terminer la définition du package KB948610(Update) à l’état Installation demandée(Install Requested) Record Number: 180041 Source Name: Microsoft-Windows-Servicing Time Written: 20090815121925.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM =====Application event log===== Computer Name: PC-de-Stéphane Event Code: 1530 Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela. DÉTAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-747255837-2858757613-66186195-1001_Classes: Process 896 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-747255837-2858757613-66186195-1001_CLASSES Record Number: 15153 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20080513074853.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Stéphane Event Code: 1530 Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela. DÉTAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-747255837-2858757613-66186195-1001: Process 896 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-747255837-2858757613-66186195-1001 Record Number: 15152 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20080513074853.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Stéphane Event Code: 5007 Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9. Record Number: 15140 Source Name: WerSvc Time Written: 20080513073559.000000-000 Event Type: Erreur User: Computer Name: PC-de-Stéphane Event Code: 1530 Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela. DÉTAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-747255837-2858757613-66186195-1001_Classes: Process 888 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-747255837-2858757613-66186195-1001_CLASSES Record Number: 15105 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20080512183257.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Stéphane Event Code: 1530 Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela. DÉTAIL - 9 user registry handles leaked from \Registry\User\S-1-5-21-747255837-2858757613-66186195-1001: Process 584 (\Device\HarddiskVolume1\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-747255837-2858757613-66186195-1001 Process 584 (\Device\HarddiskVolume1\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-747255837-2858757613-66186195-1001 Process 888 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-747255837-2858757613-66186195-1001 Process 584 (\Device\HarddiskVolume1\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-747255837-2858757613-66186195-1001\Software\Policies\Microsoft\SystemCertificates Process 584 (\Device\HarddiskVolume1\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-747255837-2858757613-66186195-1001\Software\Policies\Microsoft\SystemCertificates Process 584 (\Device\HarddiskVolume1\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-747255837-2858757613-66186195-1001\Software\Microsoft\SystemCertificates\SmartCardRoot Process 584 (\Device\HarddiskVolume1\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-747255837-2858757613-66186195-1001\Software\Microsoft\SystemCertificates\trust Process 584 (\Device\HarddiskVolume1\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-747255837-2858757613-66186195-1001\Software\Microsoft\SystemCertificates\CA Process 584 (\Device\HarddiskVolume1\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-747255837-2858757613-66186195-1001\Software\Microsoft\SystemCertificates\Root Record Number: 15104 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20080512183257.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM =====Security event log===== Computer Name: PC-de-Stéphane Event Code: 4648 Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites. Sujet : ID de sécurité : S-1-5-18 Nom du compte : PC-DE-STÉPHANE$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Compte dont les informations d’identification ont été utilisées : Nom du compte : SYSTEM Domaine du compte : AUTORITE NT GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Serveur cible : Nom du serveur cible : localhost Informations supplémentaires : localhost Informations sur le processus : ID du processus : 0x26c Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Adresse du réseau : - Port : - Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS. Record Number: 49930 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090515092723.578353-000 Event Type: Succès de l'audit User: Computer Name: PC-de-Stéphane Event Code: 4672 Message: Privilèges spéciaux attribués à la nouvelle ouverture de session. Sujet : ID de sécurité : S-1-5-18 Nom du compte : SYSTEM Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 Privilèges : SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 49929 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090515092309.652353-000 Event Type: Succès de l'audit User: Computer Name: PC-de-Stéphane Event Code: 4624 Message: L’ouverture de session d’un compte s’est correctement déroulée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : PC-DE-STÉPHANE$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Type d’ouverture de session : 5 Nouvelle ouverture de session : ID de sécurité : S-1-5-18 Nom du compte : SYSTEM Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Informations sur le processus : ID du processus : 0x26c Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Nom de la station de travail : Adresse du réseau source : - Port source : - Informations détaillées sur l’authentification : Processus d’ouverture de session : Advapi Package d’authentification : Negotiate Services en transit : - Nom du package (NTLM uniquement) : - Longueur de la clé : 0 Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée. Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe. Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau). Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté. Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas. Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique. - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC . - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session. - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM. - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée. Record Number: 49928 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090515092309.652353-000 Event Type: Succès de l'audit User: Computer Name: PC-de-Stéphane Event Code: 4648 Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites. Sujet : ID de sécurité : S-1-5-18 Nom du compte : PC-DE-STÉPHANE$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Compte dont les informations d’identification ont été utilisées : Nom du compte : SYSTEM Domaine du compte : AUTORITE NT GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Serveur cible : Nom du serveur cible : localhost Informations supplémentaires : localhost Informations sur le processus : ID du processus : 0x26c Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Adresse du réseau : - Port : - Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS. Record Number: 49927 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090515092309.652353-000 Event Type: Succès de l'audit User: Computer Name: PC-de-Stéphane Event Code: 4905 Message: Une tentative d’annulation d’inscription de la source d’un événement de sécurité a été effectuée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : PC-DE-STÉPHANE$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Processus : ID du processus : 0x1420 Nom du processus : C:\Windows\System32\VSSVC.exe Source de l’événement : Nom de la source : VSSAudit ID de la source de l’événement : 0x131971 Record Number: 49926 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090515091759.056353-000 Event Type: Succès de l'audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel "PROCESSOR_REVISION"=0f0b "NUMBER_OF_PROCESSORS"=4 "RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\ "PLATFORM"=HPD "PCBRAND"=Pavilion "OnlineServices"=Services en ligne -----------------EOF-----------------
  3. Colonel Klinck
    Ok bien reçu mr Gof. Pour info je viens de lire le dernier rapport d'analyse Bit defender du PC de mon beauF. En fait il est pourri par Messenger skinner entre autres. Un belle cochonnerie venu par MSN ! Le temps que je lui passe un savon et je m'occupe du protocole de nettoyage que tu as eu la gentillesse de m'envoyer.
  4. Colonel Klinck
    Salut à tous et surtout à toi Apollo. Je me suis intéressé au Pc de mon Beauf (windows vista). Punaise ! Il est encore plus vérolé et zombi que ne l'était le mien. Vu qu'il n' a pratiquement rien d'installé dessus mais que ses surfs répétés et imprudents sur le net l'on amené à avoir une Uc occupée à 50% et une mémoire physique guère mieux lottie, son antivirus Bitedefender security 2010 est inuitlisable, impossible à activer. La dernière analyse remontant à six jours affichait 161 fichiers non analysés car protégés par mot de passe. Une analyse Spybot ne donne rien. Voici le rapport Hijack this. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:06:58, on 31/12/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18865) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Windows\system32\schtasks.exe C:\Windows\System32\rundll32.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Windows\System32\ServoApp.exe C:\Program Files\MFP Server\App\Common\MFPAgent.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\DartyBox_v3\Sagem\AssistantDB\AssistantDB_Sagem.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\hp\kbd\kbd.exe C:\Windows\system32\taskeng.exe C:\Users\Pascale\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dartybox.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateReg] "C:\Windows\system32\jureg.exe" O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [MFP Manager] C:\Program Files\MFP Server\MFPAgent.exe -CheckAutoRun O4 - HKLM\..\Run: [server Application] C:\Windows\system32\ServoApp.exe O4 - HKLM\..\Run: [GDI Manager] "C:\Program Files\MFP Server\App\Common\MFPAgent.exe" O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\Windows\TEMP\E_S5F8.tmp" /EF "HKCU" O4 - HKCU\..\Run: [Assistant DartyBox] C:\Program Files\DartyBox_v3\Sagem\AssistantDB\AssistantDB_Sagem.exe -m O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype add-on - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: BitDefender Serveur Arrakis (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- End of file - 12609 bytes Sinon bonnes fêtes Saint Sylvestre avec un peu de modération et à l'année prochaine.
  5. Colonel Klinck
    Heu !!! re Apollo J'ai un ch'ti blème avec USB fix. Il refuse de se désinstaller en lançant l'option 5 et pourtant je l'exécute en tant qu'adminsitrateur.... Lorsque je tape "5" l'écran noir d'application disparait mais le logiciel et son raccourci reste en place sur mon ordi !
  6. Colonel Klinck
    Bon, pas de nouvelles instructions à ce que je vois. J'en déduis que tout doit être ok désormais. En tout cas les applications ne sont plus bloquées. Mon Pc ne rame plus du tout. Un grand MERCI à toi Apollo, ce furent des conseils de pro. Bravo encore et bonnes fêtes de fin d'année.
  7. Colonel Klinck
    Pour l'exécution d el'outil 1 (recherche) , j'ai du recommencer car l'éxécution et la sauvegarde auto du rapport de l'outil 2 a du m'écraser le premier rapport .txt.... Le voici Outil 1 (recherche) de USB Fix : ############################## | UsbFix V6.067 | User : sylvain (Administrateurs) # PC-DE-SYLVAIN Update on 24/12/2009 by Chiquitine29, C_XX & Chimay8 Start at: 17:45:15 | 26/12/2009 Website : http://pagesperso-orange.fr/NosTools/index.html Contact : FindyKill.Contact@gmail.com Intel® Core2 Quad CPU @ 2.40GHz Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2 Internet Explorer 8.0.6001.18865 Windows Firewall Status : Disabled AV : Bitdefender Antivirus 8.0 [ Enabled | Updated ] FW : Bitdefender Firewall[ Enabled ]8.0 C:\ -> Disque fixe local # 457,67 Go (268,87 Go free) [HP] # NTFS D:\ -> Disque fixe local # 8,09 Go (1,01 Go free) [Recovery] # NTFS E:\ -> Disque CD-ROM # 7,84 Go (0 Mo free) [DragonAge] # CDFS F:\ -> Disque amovible G:\ -> Disque amovible H:\ -> Disque amovible I:\ -> Disque amovible J:\ -> Disque amovible # 1,86 Go (1,76 Go free) # FAT K:\ -> Disque CD-ROM # 6,31 Mo (0 Mo free) [u3 System] # CDFS ############################## | Processus actifs | C:\Windows\System32\smss.exe 448 C:\Windows\system32\csrss.exe 516 C:\Windows\system32\wininit.exe 584 C:\Windows\system32\csrss.exe 596 C:\Windows\system32\services.exe 632 C:\Windows\system32\lsass.exe 644 C:\Windows\system32\lsm.exe 656 C:\Windows\system32\svchost.exe 800 C:\Windows\system32\nvvsvc.exe 844 C:\Windows\system32\svchost.exe 872 C:\Windows\System32\svchost.exe 964 C:\Windows\System32\svchost.exe 996 C:\Windows\system32\svchost.exe 1008 C:\Windows\system32\winlogon.exe 1088 C:\Windows\system32\svchost.exe 1168 C:\Windows\system32\SLsvc.exe 1196 C:\Windows\system32\svchost.exe 1248 C:\Windows\system32\svchost.exe 1372 C:\Windows\system32\nvvsvc.exe 1532 C:\Windows\System32\spoolsv.exe 1744 C:\Windows\system32\svchost.exe 1768 C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 1972 C:\Users\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe 2020 C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe 300 C:\Windows\system32\ezNTSvc.exe 316 c:\Program Files\Common Files\LightScribe\LSSrvc.exe 936 C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe 1404 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe 1988 C:\Windows\system32\svchost.exe 252 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2084 C:\Windows\system32\svchost.exe 2128 C:\Windows\System32\svchost.exe 2168 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 2204 C:\Windows\system32\SearchIndexer.exe 2252 C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe 2308 C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 2372 C:\Windows\system32\WUDFHost.exe 2444 C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe 2564 C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe 2628 C:\Windows\System32\svchost.exe 2892 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe 2928 C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe 3164 C:\Windows\system32\Dwm.exe 3276 C:\Windows\system32\taskeng.exe 3324 C:\Windows\system32\taskeng.exe 3472 C:\Windows\system32\conime.exe 2112 C:\Windows\explorer.exe 15648 C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe 4872 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe 5172 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE 5232 C:\Program Files\Windows Media Player\wmpnscfg.exe 13300 C:\Program Files\Windows Media Player\wmpnetwk.exe 14752 C:\Windows\system32\wbem\unsecapp.exe 3832 C:\Windows\system32\wbem\wmiprvse.exe 13588 C:\Program Files\Internet Explorer\iexplore.exe 1600 C:\Program Files\Internet Explorer\iexplore.exe 13620 C:\Windows\system32\wbem\wmiprvse.exe 17068 ################## | Elements infectieux | E:\autorun.inf K:\autorun.inf ################## | Registre | ################## | Mountpoints2 | ################## | Cracks / Keygens / Serials | "C:\Program Files\Java\jdk1.6.0_07\bin\serialver.exe" 10/06/2008 01:10 |Size 25600 |Crc32 b25382b8 |Md5 e20ba2247633f6b8523e32c66c497112 ################## | ! Fin du rapport # UsbFix V6.067 ! | Voici le rapport d'exécution de l'outil 2 de USB Fix (suppression) : ############################## | UsbFix V6.067 | User : sylvain (Administrateurs) # PC-DE-SYLVAIN Update on 24/12/2009 by Chiquitine29, C_XX & Chimay8 Start at: 17:13:20 | 26/12/2009 Website : http://pagesperso-orange.fr/NosTools/index.html Contact : FindyKill.Contact@gmail.com Intel® Core2 Quad CPU @ 2.40GHz Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2 Internet Explorer 8.0.6001.18865 Windows Firewall Status : Disabled AV : Bitdefender Antivirus 8.0 [ Enabled | Updated ] FW : Bitdefender Firewall[ Enabled ]8.0 C:\ -> Disque fixe local # 457,67 Go (268,89 Go free) [HP] # NTFS D:\ -> Disque fixe local # 8,09 Go (1,01 Go free) [Recovery] # NTFS E:\ -> Disque CD-ROM # 7,84 Go (0 Mo free) [DragonAge] # CDFS F:\ -> Disque amovible G:\ -> Disque amovible H:\ -> Disque amovible I:\ -> Disque amovible J:\ -> Disque amovible # 1,86 Go (1,76 Go free) # FAT K:\ -> Disque CD-ROM # 6,31 Mo (0 Mo free) [u3 System] # CDFS ############################## | Processus actifs | C:\Windows\System32\smss.exe 448 C:\Windows\system32\csrss.exe 516 C:\Windows\system32\wininit.exe 584 C:\Windows\system32\csrss.exe 596 C:\Windows\system32\services.exe 632 C:\Windows\system32\lsass.exe 644 C:\Windows\system32\lsm.exe 656 C:\Windows\system32\svchost.exe 800 C:\Windows\system32\nvvsvc.exe 844 C:\Windows\system32\svchost.exe 872 C:\Windows\System32\svchost.exe 964 C:\Windows\System32\svchost.exe 996 C:\Windows\system32\svchost.exe 1008 C:\Windows\system32\winlogon.exe 1088 C:\Windows\system32\LogonUI.exe 1160 C:\Windows\system32\svchost.exe 1168 C:\Windows\system32\SLsvc.exe 1196 C:\Windows\system32\svchost.exe 1248 C:\Windows\system32\svchost.exe 1372 C:\Windows\system32\nvvsvc.exe 1532 C:\Windows\System32\spoolsv.exe 1744 C:\Windows\system32\svchost.exe 1768 C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 1972 C:\Users\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe 2020 C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe 300 C:\Windows\system32\ezNTSvc.exe 316 C:\Program Files\Google\Update\GoogleUpdate.exe 496 C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe 432 c:\Program Files\Common Files\LightScribe\LSSrvc.exe 936 C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHReconfSvc.exe 940 C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe 1404 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe 1988 C:\Windows\system32\svchost.exe 252 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2084 C:\Windows\system32\svchost.exe 2128 C:\Windows\System32\svchost.exe 2168 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 2204 C:\Windows\system32\SearchIndexer.exe 2252 C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe 2308 C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 2372 C:\Windows\system32\WUDFHost.exe 2444 C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe 2564 C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe 2628 C:\Windows\System32\svchost.exe 2892 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe 2928 C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe 3164 C:\Windows\system32\userinit.exe 3252 C:\Windows\system32\Dwm.exe 3276 C:\Windows\system32\taskeng.exe 3324 C:\Windows\Explorer.EXE 3396 C:\Windows\system32\taskeng.exe 3472 C:\Program Files\Google\Update\GoogleUpdate.exe 3516 C:\Windows\system32\runonce.exe 3684 C:\Windows\system32\conime.exe 2112 C:\Windows\system32\wbem\wmiprvse.exe 3828 ################## | Elements infectieux | Supprimé ! C:\$Recycle.Bin\S-1-5-18 Supprimé ! C:\$Recycle.Bin\S-1-5-21-1512463831-2528666980-3922220044-500 Supprimé ! C:\$Recycle.Bin\S-1-5-21-1900764711-605777403-854599631-1001 Supprimé ! C:\$Recycle.Bin\S-1-5-21-1900764711-605777403-854599631-1002 Supprimé ! C:\$Recycle.Bin\S-1-5-21-1900764711-605777403-854599631-500 Supprimé ! C:\$Recycle.Bin\S-1-5-21-1900764711-605777403-854599631-501 Supprimé ! C:\$Recycle.Bin\S-1-5-21-2152478756-3922319563-605102323-500 Supprimé ! D:\$Recycle.Bin\S-1-5-18 Supprimé ! D:\$Recycle.Bin\S-1-5-21-1900764711-605777403-854599631-1001 Supprimé ! D:\$Recycle.Bin\S-1-5-21-1900764711-605777403-854599631-1002 Supprimé ! D:\$Recycle.Bin\S-1-5-21-1900764711-605777403-854599631-500 Supprimé ! D:\$Recycle.Bin\S-1-5-21-1900764711-605777403-854599631-501 Non supprimé ! E:\autorun.inf Non supprimé ! K:\autorun.inf ################## | Registre | ################## | Mountpoints2 | Supprimé ! HKCU\...\Explorer\MountPoints2\{0b58940e-3c21-11dd-af52-001bfcd0e3aa}\Shell\AutoRun\Command Supprimé ! HKCU\...\Explorer\MountPoints2\{66cc924f-f8e6-11dd-a69e-001bfcd0e3aa}\Shell\AutoRun\Command Supprimé ! HKCU\...\Explorer\MountPoints2\{c1f75d60-455d-11dc-bf04-806e6f6e6963}\Shell\AutoRun\Command ################## | Listing des fichiers présent | [27/06/2007 17:50|--a------|74] C:\autoexec.bat [11/04/2009 07:36|-rahs----|333257] C:\bootmgr [28/06/2007 03:13|-ra-s----|8192] C:\BOOTSECT.BAK [25/12/2009 21:29|--a------|1360] C:\cleannavi.txt [18/09/2006 22:43|--a------|10] C:\config.sys [18/10/2009 21:15|--a------|64] C:\FINIS_IT.TXT [?|?|?] C:\hiberfil.sys [14/07/2008 17:44|--a------|179] C:\INSTALL.LOG [24/10/2007 04:43|-rahs----|0] C:\IO.SYS [24/10/2007 04:43|-rahs----|0] C:\MSDOS.SYS [?|?|?] C:\pagefile.sys [26/03/2008 22:36|--a------|477] C:\RHDSetup.log [26/12/2009 17:19|--a------|5641] C:\UsbFix.txt [04/10/2006 00:02|---hs----|438328] D:\boo.mgr [02/11/2006 00:53|---hs----|438840] D:\bootmgr [13/10/2006 15:00|---hs----|1322] D:\Desktop.ini [09/06/2008 11:08|--ahs----|22] D:\HPCD.sys [09/06/2008 10:38|---hs----|189] D:\MASTER.LOG [03/09/2007 16:00|---hs----|429] D:\pcdr.ini [10/09/2002 13:58|---hs----|181616] D:\Protect.ed [09/06/2008 09:54|-r-hs----|26] D:\RCBoot.sys [28/06/2007 04:48|---hs----|44] D:\RESTORE.INI [07/02/2007 14:56|---hs----|34] D:\SystemRecovery.txt [22/09/2009 22:30|-r-------|2126120] E:\Setup.exe [16/07/2009 23:13|-r-------|1246440] E:\autorun.exe [14/04/2009 04:17|-r-------|58] E:\autorun.inf [25/07/2009 02:23|-r-------|26695] E:\cluf.rtf [25/07/2009 02:23|-r-------|26877] E:\eula_cz.rtf [25/07/2009 02:23|-r-------|22966] E:\eula_de.rtf [25/07/2009 02:23|-r-------|18998] E:\eula_en.rtf [25/07/2009 02:23|-r-------|21752] E:\eula_es.rtf [25/07/2009 02:23|-r-------|26695] E:\eula_fr.rtf [25/07/2009 02:23|-r-------|27549] E:\eula_hu.rtf [25/07/2009 02:23|-r-------|21911] E:\eula_it.rtf [25/07/2009 02:23|-r-------|23314] E:\eula_pl.rtf [23/09/2009 20:22|-r-------|25335] E:\lisezmoi.txt [23/09/2009 20:22|-r-------|23199] E:\readme_cz.txt [23/09/2009 20:22|-r-------|24120] E:\readme_de.txt [23/09/2009 20:22|-r-------|21369] E:\readme_en.txt [23/09/2009 20:22|-r-------|22815] E:\readme_es.txt [23/09/2009 20:22|-r-------|25335] E:\readme_fr.txt [23/09/2009 20:22|-r-------|23761] E:\readme_hu.txt [23/09/2009 20:22|-r-------|22695] E:\readme_it.txt [23/09/2009 20:22|-r-------|23396] E:\readme_pl.txt [23/10/2007 09:45|-ra------|1336632] J:\LaunchU3.exe [23/10/2007 08:22|-r-------|283] K:\autorun.inf [23/10/2007 09:36|-r-------|5229377] K:\LaunchPad.zip [23/10/2007 08:45|-r-------|1336632] K:\LaunchU3.exe ################## | Vaccination | # C:\autorun.inf -> Dossier créé par UsbFix. # D:\autorun.inf -> Dossier créé par UsbFix. # J:\autorun.inf -> Dossier créé par UsbFix. ################## | Cracks / Keygens / Serials | "C:\Program Files\Java\jdk1.6.0_07\bin\serialver.exe" 10/06/2008 01:10 |Size 25600 |Crc32 b25382b8 |Md5 e20ba2247633f6b8523e32c66c497112 ################## | Upload | Veuillez envoyer le fichier : C:\Users\sylvain\Desktop\UsbFix_Upload_Me_PC-de-sylvain.zip : http://chiquitine.changelog.fr/Sample/Upload.php Merci pour votre contribution . ################## | ! Fin du rapport # UsbFix V6.067 ! |
  8. Colonel Klinck
    En fait si maintentant que tu m'y fait penser j'ai bien une clé USB et un appareil photo numérique. Je ne les ai pas branché depuis de longs mois sur mon Pc mais si c'est nécessaire je peux les connecter et utiliser l'outil. Sinon si c'est pas la peine je fais exécuter seulement l'option 2 de USB Fix ?
  9. Colonel Klinck
    En fait si maintentant que tu m'y fait penser j'ai bien une clé USB et un appareil photo numérique. Je ne les ai pas branché depuis de longs mois sur mon Pc mais si c'est nécessaire je peux les connecter et utiliser l'outil. Sinon si c'est pas la peine je fais exécuter seulement l'option 2 de USB Fix ?
  10. Colonel Klinck
    Compris, je m'attèle à ce nouveau protocole. Juste une précision comme support amovible j'ai que ma webcam Logitech. Par connection, tu veux dire simplement la laisser branchée.... ou bien l'activer ?
  11. Colonel Klinck
    Ok, merci pour ton aide et ta patience. Voici le contenu log.txt Logfile of random's system information tool 1.06 (written by random/random) Run by sylvain at 2009-12-26 09:28:40 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 System drive C: has 275 GB (59%) free of 469 GB Total RAM: 3071 MB (63% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:29:25, on 26/12/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18865) Boot mode: Normal Running processes: C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Windows\Explorer.EXE C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\hp\support\hpsysdrv.exe C:\Windows\RtHDVCpl.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe C:\Users\sylvain\Downloads\RSIT.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\sylvain\Downloads\sylvain.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: Dragon Age: Origins - Application de mise à jour (DAUpdaterSvc) - BioWare - C:\Users\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\Windows\system32\ezNTSvc.exe O23 - Service: Service Google Update (gupdate1c9b36b4fe3920) (gupdate1c9b36b4fe3920) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 12207 bytes ======Scheduled tasks folder====== C:\Windows\tasks\EasyShare Registration Task.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\User_Feed_Synchronization-{EE7D7B85-DC38-48FD-966C-4771847F880D}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-24 263280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-24 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-15 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288] {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2008-03-05 86016] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-24 263280] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "hpsysdrv"=c:\hp\support\hpsysdrv.exe [2006-09-28 65536] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240] ""= [] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696] "BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe [2007-12-15 61440] "BDAgent"=C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe [2008-09-16 368640] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2007-06-29 286720] "ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-10-10 203264] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-12-03 1394000] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"=C:\Windows\SMINST\launcher.exe [2007-03-07 44168] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856] "WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter [] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] "HPADVISOR"=C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-08-05 1644088] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-11 39408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCUTRAYICON] FactoryMode [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD] C:\HP\KBD\KbdStub.EXE [2006-12-08 65536] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Users\sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\system32\EZUPBH~1.DLL [2008-01-24 49152] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b58940e-3c21-11dd-af52-001bfcd0e3aa}] shell\AutoRun\command - J:\Imageviewer.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{66cc924f-f8e6-11dd-a69e-001bfcd0e3aa}] shell\AutoRun\command - K:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1f75d60-455d-11dc-bf04-806e6f6e6963}] shell\AutoRun\command - E:\autorun.exe -auto ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2009-12-26 09:28:40 ----D---- C:\rsit 2009-12-25 21:21:57 ----A---- C:\cleannavi.txt 2009-12-25 21:09:13 ----D---- C:\Program Files\Navilog1 2009-12-25 15:49:50 ----D---- C:\Users\sylvain\AppData\Roaming\Malwarebytes 2009-12-25 15:48:56 ----D---- C:\ProgramData\Malwarebytes 2009-12-25 15:48:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-12-23 16:09:11 ----A---- C:\Windows\system32\javaws.exe 2009-12-23 16:09:11 ----A---- C:\Windows\system32\javaw.exe 2009-12-23 16:09:11 ----A---- C:\Windows\system32\java.exe 2009-12-20 10:23:57 ----D---- C:\Program Files\QuickTime(16) 2009-12-20 10:22:08 ----D---- C:\Program Files\Common Files\Apple 2009-12-20 10:21:56 ----D---- C:\Program Files\Apple Software Update 2009-12-19 10:29:40 ----D---- C:\ProgramData\Logitech 2009-12-19 09:16:38 ----DC---- C:\Windows\system32\DRVSTORE 2009-12-19 09:15:41 ----D---- C:\Program Files\Microsoft Sync Framework 2009-12-19 09:13:02 ----D---- C:\Program Files\Windows Live SkyDrive 2009-12-09 12:29:58 ----A---- C:\Windows\system32\nshhttp.dll 2009-12-09 12:29:56 ----A---- C:\Windows\system32\httpapi.dll 2009-12-09 08:36:30 ----A---- C:\Windows\system32\winhttp.dll 2009-12-09 08:36:25 ----A---- C:\Windows\system32\mshtml.dll 2009-12-09 08:36:24 ----A---- C:\Windows\system32\ieframe.dll 2009-12-09 08:36:23 ----A---- C:\Windows\system32\iertutil.dll 2009-12-09 08:36:22 ----A---- C:\Windows\system32\urlmon.dll 2009-12-09 08:36:21 ----A---- C:\Windows\system32\wininet.dll 2009-12-09 08:36:21 ----A---- C:\Windows\system32\occache.dll 2009-12-09 08:36:21 ----A---- C:\Windows\system32\msfeeds.dll 2009-12-09 08:36:21 ----A---- C:\Windows\system32\ieUnatt.exe 2009-12-09 08:36:21 ----A---- C:\Windows\system32\ieui.dll 2009-12-09 08:36:21 ----A---- C:\Windows\system32\iepeers.dll 2009-12-09 08:36:21 ----A---- C:\Windows\system32\iedkcs32.dll 2009-12-09 08:36:20 ----A---- C:\Windows\system32\msfeedssync.exe 2009-12-09 08:36:20 ----A---- C:\Windows\system32\msfeedsbs.dll 2009-12-09 08:36:20 ----A---- C:\Windows\system32\jsproxy.dll 2009-12-09 08:36:20 ----A---- C:\Windows\system32\iesysprep.dll 2009-12-09 08:36:20 ----A---- C:\Windows\system32\iesetup.dll 2009-12-09 08:36:20 ----A---- C:\Windows\system32\iernonce.dll 2009-12-09 08:36:20 ----A---- C:\Windows\system32\ie4uinit.exe 2009-12-09 08:35:51 ----A---- C:\Windows\system32\rastls.dll 2009-11-28 14:56:07 ----D---- C:\Program Files\Common Files\Windows Live ======List of files/folders modified in the last 1 months====== 2009-12-26 09:29:13 ----D---- C:\Windows\Temp 2009-12-26 09:29:03 ----D---- C:\Windows\Prefetch 2009-12-26 09:21:50 ----D---- C:\Windows\System32 2009-12-26 09:21:04 ----D---- C:\Windows\SMINST 2009-12-25 21:09:13 ----RD---- C:\Program Files 2009-12-25 20:10:10 ----D---- C:\Windows\tracing 2009-12-25 20:10:10 ----D---- C:\Windows\system32\drivers 2009-12-25 15:48:56 ----HD---- C:\ProgramData 2009-12-24 14:55:32 ----D---- C:\ProgramData\Spybot - Search & Destroy 2009-12-24 14:36:42 ----D---- C:\Windows 2009-12-24 14:34:10 ----D---- C:\Program Files\TalonSoft 2009-12-24 13:21:34 ----SHD---- C:\Windows\Installer 2009-12-24 13:18:53 ----RSD---- C:\Windows\assembly 2009-12-24 13:18:50 ----D---- C:\Program Files\Common Files\Kodak 2009-12-24 13:16:55 ----D---- C:\Windows\Tasks 2009-12-24 13:16:55 ----D---- C:\Windows\system32\Tasks 2009-12-24 13:06:21 ----SD---- C:\Windows\Downloaded Program Files 2009-12-24 11:25:16 ----D---- C:\Windows\system32\LogFiles 2009-12-23 18:53:25 ----D---- C:\Users\sylvain\AppData\Roaming\Skype 2009-12-23 18:13:23 ----D---- C:\Users\sylvain\AppData\Roaming\skypePM 2009-12-23 16:12:23 ----SHD---- C:\System Volume Information 2009-12-23 16:08:11 ----D---- C:\Program Files\Java 2009-12-23 15:55:08 ----HD---- C:\Program Files\InstallShield Installation Information 2009-12-23 15:48:58 ----D---- C:\Windows\winsxs 2009-12-23 15:48:58 ----D---- C:\Windows\system32\Msdtc 2009-12-23 15:48:52 ----D---- C:\Windows\system32\wbem 2009-12-23 15:47:28 ----D---- C:\Windows\system32\config 2009-12-23 15:46:58 ----D---- C:\Windows\system32\spool 2009-12-23 15:46:58 ----D---- C:\Windows\system32\catroot2 2009-12-23 15:46:58 ----D---- C:\Windows\inf 2009-12-23 15:46:54 ----D---- C:\ProgramData\Apple Computer 2009-12-23 15:46:48 ----D---- C:\Program Files\QuickTime 2009-12-23 15:46:46 ----D---- C:\Program Files\Hewlett-Packard 2009-12-23 15:46:45 ----D---- C:\Windows\registration 2009-12-23 15:46:40 ----D---- C:\Program Files\Windows Live 2009-12-23 15:46:40 ----D---- C:\Program Files\Microsoft Silverlight 2009-12-23 15:46:40 ----D---- C:\Program Files\EasyBits For Kids 2009-12-23 15:46:39 ----D---- C:\Windows\ehome 2009-12-23 15:46:39 ----D---- C:\Program Files\Microsoft 2009-12-23 13:49:11 ----D---- C:\Windows\Debug 2009-12-20 10:22:08 ----D---- C:\Program Files\Common Files 2009-12-19 10:36:39 ----SD---- C:\Users\sylvain\AppData\Roaming\Microsoft 2009-12-19 10:29:55 ----D---- C:\Windows\system32\catroot 2009-12-19 10:29:51 ----D---- C:\Program Files\Common Files\LogiShrd 2009-12-19 10:29:40 ----D---- C:\Program Files\Logitech 2009-12-19 09:37:55 ----D---- C:\Windows\Microsoft.NET 2009-12-19 09:16:07 ----D---- C:\Program Files\Windows Live Toolbar 2009-12-19 09:15:29 ----SD---- C:\ProgramData\Microsoft 2009-12-10 08:43:15 ----D---- C:\ProgramData\NVIDIA 2009-12-09 21:26:56 ----D---- C:\Windows\rescache 2009-12-09 21:10:05 ----D---- C:\Windows\system32\migration 2009-12-09 21:10:04 ----D---- C:\Windows\system32\fr-FR 2009-12-09 21:10:04 ----D---- C:\Program Files\Internet Explorer 2009-12-09 21:10:03 ----D---- C:\Program Files\Windows Mail 2009-12-09 12:29:38 ----D---- C:\ProgramData\Microsoft Help 2009-12-01 21:06:19 ----A---- C:\Windows\system32\mrt.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2008-02-12 156688] R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\bdfndisf.sys [2008-06-24 86792] R3 bdfsfltr;bdfsfltr; C:\Windows\system32\DRIVERS\bdfsfltr.sys [2008-01-07 196368] R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [2008-01-21 8320] R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-14 218752] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-04 2744800] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624] R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2009-10-07 266008] R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-12-17 41752] R3 LVUVC;Logitech QuickCam S5500(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2009-10-07 6756632] R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2008-02-26 493568] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-06-26 9777376] R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072] R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-03-21 304920] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-09-28 109056] R2 DAUpdaterSvc;Dragon Age: Origins - Application de mise à jour; C:\Users\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832] R2 DQLWinService;DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896] R2 ezntsvc;EasyBits Magic Desktop Services for Windows NT; C:\Windows\system32\ezNTSvc.exe [2008-01-24 33792] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440] R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2008-11-27 1179648] R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904] R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-06-26 211488] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-09-15 1261568] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808] R2 XCOMM;BitDefender Communicator; C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe [2007-12-15 86016] R3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-19 21504] S2 gupdate1c9b36b4fe3920;Service Google Update (gupdate1c9b36b4fe3920); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-02 133104] S2 IntelDHSvcConf;Intel DH Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696] S3 AlertService;Intel® Alert Service; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [2006-09-11 188416] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-22 182768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 ISSM;Intel® Software Services Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [2006-09-11 75264] S3 M1 Server;Intel® Viiv Media Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [2006-08-31 26624] S3 MCLServiceATL;Intel® Application Tracker; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [2006-09-11 167936] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 Remote UI Service;Intel® Remoting Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [2006-09-11 544256] S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-03-26 887544] S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-03-08 74656] -----------------EOF----------------- Et voici le contenu info.txt info.txt logfile of random's system information tool 1.06 2009-12-26 09:29:26 ======Uninstall list====== -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->MsiExec /X{1C4551A6-4743-4093-91E4-1477CD655043} 7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe" Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001} Age of Empires III - The Asian Dynasties-->C:\Program Files\InstallShield Installation Information\{C43C1415-3DFC-4089-9A32-0BECF28A6046}\install.exe -runfromtemp -l0x040c Age of Empires III - The WarChiefs-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{1C08A24C-B168-407E-A826-68FAF5F20710} Age of Empires III-->C:\Program Files\InstallShield Installation Information\{70F8B183-99EB-4304-BA35-080E2DFFD2A3}\install.exe -runfromtemp -l0x040c Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe ArcSoft Print Creations - Album Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1AlbumPage ArcSoft Print Creations - Funhouse-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1Funhouse ArcSoft Print Creations - Greeting Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1GreetingCard ArcSoft Print Creations - Photo Book-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1PhotoBook ArcSoft Print Creations - Photo Calendar-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1Calendar ArcSoft Print Creations - Scrapbook-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1ScrapBook ArcSoft Print Creations - Slimline Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1Slimline ArcSoft Print Creations-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845} Baldur's Gate & Tales of the Sword Coast-->C:\Windows\IsUn040c.exe -f"c:\users\sylvain\bg games\baldur's gate\Uninst.isu" Baldur's Gate II - Throne of Bhaal -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{43D4C77E-4339-11D5-96E7-0050BA84F5F7}\Setup.exe" BitDefender Total Security 2008-->MsiExec.exe /I{DB368901-C41E-4D86-9809-E0EE635A6939} BoontyBox 2.3-->"C:\Program Files\Boonty\BoontyBox\unins000.exe" CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992} Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.80.1048\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.80" /clone_wait /hide_progress Dragon Age: Origins-->C:\Program Files\Common Files\BioWare\Uninstall Dragon Age.exe Eastern Front Campaign CD 1-->C:\Windows\IsUninst.exe -f"C:\Program Files\TalonSoft\Eastern Front\Uninst1.isu" Eastern Front-->C:\Windows\IsUninst.exe -f"C:\Program Files\TalonSoft\Eastern Front\Uninst.isu" EasyBits Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe EB Documentation 1.1-->"C:\Users\sylvain\RTW EB\EB Documentation\unins000.exe" EB Trivial Script 0.125-->"C:\Users\sylvain\RTW EB\EBTrivialScript\unins000.exe" eMule-->"C:\Program Files\eMule\Uninstall.exe" ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6} ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD} ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A} ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A} ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765} ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5} ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091} ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589} essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F} Europa Barbarorum 1.1-->"C:\Users\sylvain\RTW EB\unins000.exe" Europa Barbarorum 1.2-->"C:\Users\sylvain\RTW EB\unins001.exe" Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D} fflink-->MsiExec.exe /I{608D2A3C-6889-4C11-9B54-A42F45ACBFDB} Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466} Heroes of Might and Magic V-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{20071984-5EB1-4881-8EDB-082532ACEC6D}\setup.exe" -l0x40c HijackThis 2.0.2-->"C:\Users\sylvain\Downloads\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" HP Advisor-->MsiExec.exe /X{73A43E42-3658-4DD9-8551-FACDA3632538} HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC} HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly HP On-Screen Cap/Num/Scroll Lock Indicator-->C:\Windows\system32\OsdRemove.exe HP Photosmart Essential 2.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B} HP Update-->MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1} Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Insurrection-->C:\Windows\IsUn040c.exe -f"C:\Program Files\UbiSoft\Insurrection\Uninst.isu" Intel® Network Connections Drivers-->Prounstl.exe Java DB 10.3.1.4-->MsiExec.exe /X{CD49361E-3FE6-457E-90A1-9C59E29B5D02} Java 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Java SE Development Kit 6 Update 7-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160070} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} kgcbaby-->MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344} kgchday-->MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E} kgchlwn-->MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1} kgcinvt-->MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B} kgckids-->MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4} kgcmove-->MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC} kgcvday-->MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549} Logiciel Intel® Viiv™-->MsiExec.exe /X{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B} /qb! Logiciel Kodak EasyShare-->C:\ProgramData\Kodak\EasyShareSetup\$SETUP_1e0001_663006\Setup.exe /APR-REMOVE Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL Logitech QuickCam-->MsiExec.exe /X{3AF8FCCD-F51A-4014-9002-F195E1CBC876} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Medieval II Total War : Kingdoms : Americas-->C:\Program Files\InstallShield Installation Information\{75983B66-804C-40D1-BA13-64DAF652A6F1}\setup.exe -runfromtemp -l0x040c -removeonly Medieval II Total War : Kingdoms : Britannia-->C:\Program Files\InstallShield Installation Information\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}\setup.exe -runfromtemp -l0x040c -removeonly Medieval II Total War : Kingdoms : Crusades-->C:\Program Files\InstallShield Installation Information\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}\setup.exe -runfromtemp -l0x040c -removeonly Medieval II Total War : Kingdoms : Teutonic-->C:\Program Files\InstallShield Installation Information\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}\setup.exe -runfromtemp -l0x040c -removeonly Medieval II Total War-->C:\Program Files\InstallShield Installation Information\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}\setup.exe -runfromtemp -l0x040c -removeonly Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929} Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE} Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8} Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C} Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C} Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3} Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223} Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} muvee autoProducer 6.0-->C:\Program Files\InstallShield Installation Information\{6AF49698-949A-4C89-9B31-041D2CCB5FBD}\setup.exe -runfromtemp -l0x040c -removeonly netbrdg-->MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1} NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI NVIDIA PhysX-->MsiExec.exe /X{1C4551A6-4743-4093-91E4-1477CD655043} Oblivion-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x40c -removeonly OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Outils de diagnostic du matériel-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe Python 2.4.3-->MsiExec.exe /I{75E71ADD-042C-4F30-BFAC-A9EC42351313} QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC} RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe -r -m -nrg2709 Recruitment Viewer 0.9-->"C:\Users\sylvain\RTW EB\Recruitment Viewer\unins000.exe" Rome - Total War - Alexander-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C1804BC-094F-431A-BEA5-37A837958029}\setup.exe" -l0x40c -removeonly Rome - Total War-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A642BB6B-CA1D-4142-8DD4-318C3F3DC834} Rome Total War - patch 1.3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}\Setup.exe" -l0x40c Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} Roxio Creator Audio-->MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82} Roxio Creator Basic v9-->MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C} Roxio Creator Copy-->MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} Roxio Creator Data-->MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87} Roxio Creator EasyArchive-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B} Roxio Creator Tools-->MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF} Roxio Express Labeler 3-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Roxio MyDVD Basic v9-->MsiExec.exe /X{938B1CD7-7C60-491E-AA90-1F1888168240} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B} SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237} skin0001-->MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210} SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F} Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D} Solution de clavier multimédia amélioré-->C:\HP\KBD\Install.exe /u Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Starcraft-->C:\Windows\SCunin.exe C:\Windows\SCunin.dat staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2} Stellar Forces-->C:\Windows\IsUninst.exe -fC:\Users\Starcraft\Maps\Uninst.isu Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0} Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7} Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331} VideoLAN VLC media player 0.8.6e-->C:\Program Files\VideoLAN\VLC\uninstall.exe VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370} Warhammer® Mark of Chaos™ - Battle March™ GOLD-->MsiExec.exe /I{ABC91C39-266D-4042-828E-4386E0F25218} Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC} Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA} WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F} Yahoo! Install Manager-->C:\Windows\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: Bitdefender Antivirus FW: Bitdefender Firewall AS: BitDefender AntiSpam AS: Spybot - Search and Destroy (disabled) (outdated) ======System event log====== Computer Name: PC-de-sylvain Event Code: 15016 Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur. Record Number: 216710 Source Name: Microsoft-Windows-HttpEvent Time Written: 20090826041439.953349-000 Event Type: Erreur User: Computer Name: PC-de-sylvain Event Code: 4001 Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement. Record Number: 216695 Source Name: Microsoft-Windows-WLAN-AutoConfig Time Written: 20090826001438.501400-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-sylvain Event Code: 15016 Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur. Record Number: 216568 Source Name: Microsoft-Windows-HttpEvent Time Written: 20090825150316.899540-000 Event Type: Erreur User: Computer Name: PC-de-sylvain Event Code: 4001 Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement. Record Number: 216553 Source Name: Microsoft-Windows-WLAN-AutoConfig Time Written: 20090825133323.190400-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-sylvain Event Code: 17 Message: Le périphérique a renvoyé une ou plusieurs réponses incorrectes après une réinitialisation du clavier. Record Number: 216533 Source Name: i8042prt Time Written: 20090825120337.565000-000 Event Type: Avertissement User: =====Application event log===== Computer Name: PC-de-sylvain Event Code: 1530 Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela. DÉTAIL - 0 user registry handles leaked from \Registry\User\S-1-5-21-1900764711-605777403-854599631-1001: Record Number: 44686 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20081202184321.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-sylvain Event Code: 1000 Message: Application défaillante Oblivion.exe, version 1.2.0.416, horodatage 0x462392c7, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000, code d’exception 0xc0000096, décalage d’erreur 0x2703d981, ID du processus 0x148c, heure de début de l’application 0x01c954ad82cc408f. Record Number: 44681 Source Name: Application Error Time Written: 20081202184258.000000-000 Event Type: Erreur User: Computer Name: PC-de-sylvain Event Code: 1000 Message: Application défaillante EasyShare.exe, version 6.40.53.95, horodatage 0x46f0dee8, module défaillant ole32.dll, version 6.0.6001.18000, horodatage 0x4791a74c, code d’exception 0xc0000005, décalage d’erreur 0x0004c235, ID du processus 0xfb8, heure de début de l’application 0x01c9545d0ca7214f. Record Number: 44663 Source Name: Application Error Time Written: 20081202090637.000000-000 Event Type: Erreur User: Computer Name: PC-de-sylvain Event Code: 1530 Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela. DÉTAIL - 4 user registry handles leaked from \Registry\User\S-1-5-21-1900764711-605777403-854599631-1001: Process 1068 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1900764711-605777403-854599631-1001 Process 1068 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1900764711-605777403-854599631-1001\Software\Microsoft\SystemCertificates\Root Process 1068 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1900764711-605777403-854599631-1001\Software\Microsoft\SystemCertificates\trust Process 1068 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1900764711-605777403-854599631-1001\Software\Microsoft\SystemCertificates\SmartCardRoot Record Number: 44612 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20081201193217.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-sylvain Event Code: 1000 Message: Application défaillante Oblivion.exe, version 1.2.0.416, horodatage 0x462392c7, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000, code d’exception 0xc0000005, décalage d’erreur 0x1f5cb6c8, ID du processus 0x109c, heure de début de l’application 0x01c953eb4bf57fd0. Record Number: 44608 Source Name: Application Error Time Written: 20081201193124.000000-000 Event Type: Erreur User: =====Security event log===== Computer Name: PC-de-sylvain Event Code: 4624 Message: L’ouverture de session d’un compte s’est correctement déroulée. Sujet : ID de sécurité : S-1-0-0 Nom du compte : - Domaine du compte : - ID d’ouverture de session : 0x0 Type d’ouverture de session : 0 Nouvelle ouverture de session : ID de sécurité : S-1-5-18 Nom du compte : SYSTEM Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Informations sur le processus : ID du processus : 0x4 Nom du processus : Informations sur le réseau : Nom de la station de travail : - Adresse du réseau source : - Port source : - Informations détaillées sur l’authentification : Processus d’ouverture de session : - Package d’authentification : - Services en transit : - Nom du package (NTLM uniquement) : - Longueur de la clé : 0 Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée. Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe. Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau). Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté. Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas. Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique. - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC . - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session. - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM. - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée. Record Number: 67716 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090525165643.542941-000 Event Type: Succès de l'audit User: Computer Name: PC-de-sylvain Event Code: 4608 Message: Windows démarre. Cet événement est journalisé lorsque LSASS.EXE démarre et que le sous-système d’audit est initialisé. Record Number: 67715 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090525165643.542941-000 Event Type: Succès de l'audit User: Computer Name: PC-de-sylvain Event Code: 4634 Message: Fermeture de session d’un compte. Sujet : ID de sécurité : S-1-5-7 Nom du compte : ANONYMOUS LOGON Domaine du compte : AUTORITE NT ID du compte : 0x22f9f Type d’ouverture de session : 3 Cet événement est généré lorsqu’une session ouverte est supprimée. Il peut être associé à un événement d’ouverture de session en utilisant la valeur ID d’ouverture de session. Les ID d’ouverture de session ne sont uniques qu’entre les redémarrages sur un même ordinateur. Record Number: 67714 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090525155913.074600-000 Event Type: Succès de l'audit User: Computer Name: PC-de-sylvain Event Code: 4616 Message: L’heure du système a été modifiée. Sujet : ID de sécurité : S-1-5-19 Nom du compte : SERVICE LOCAL Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e5 Informations sur le processus : ID du processus : 0x4c4 Nom : C:\Windows\System32\svchost.exe Heure précédente : 17:59:12 25/05/2009 Nouvelle heure : 17:59:12 25/05/2009 Cet événement est généré lorsque l’heure du système est modifiée. Le changement régulier de l’heure du système est une opération normale de la part du service de temps Windows qui s’exécute avec des privilèges système. Mais, d’autres modifications de l’heure du système peuvent indiquer des tentatives de falsification de l’ordinateur. Record Number: 67713 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090525155912.918600-000 Event Type: Succès de l'audit User: Computer Name: PC-de-sylvain Event Code: 1100 Message: Le service d’enregistrement des événements a été arrêté. Record Number: 67712 Source Name: Microsoft-Windows-Eventlog Time Written: 20090525155913.589400-000 Event Type: Succès de l'audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=0f07 "NUMBER_OF_PROCESSORS"=4 "RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\ "PLATFORM"=HPD "PCBRAND"=Pavilion "OnlineServices"=Services en ligne "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip -----------------EOF-----------------
  12. Colonel Klinck
    Ok, j'ai suivi ton protoocle Navilog1 à la lettre. voici le rapport : Fix Navipromo version 4.0.5 commencé le 25/12/2009 21:21:57,85 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Intel® Core2 Quad CPU @ 2.40GHz ) BIOS : BIOS Date: 07/11/07 19:52:07 Ver: 08.00.14 USER : sylvain ( Not Administrator ! ) BOOT : Normal boot Antivirus : Bitdefender Antivirus 8.0 (Activated) Firewall : Bitdefender Firewall 8.0 (Activated) C:\ (Local Disk) - NTFS - Total:457 Go (Free:263 Go) D:\ (Local Disk) - NTFS - Total:8 Go (Free:1 Go) E:\ (CD or DVD) - CDFS - Total:7 Go (Free:0 Go) F:\ (USB) G:\ (USB) H:\ (USB) I:\ (USB) Recherche executée en mode normal Nettoyage exécuté au redémarrage de l'ordinateur Nettoyage contenu C:\Windows\Temp effectué ! Nettoyage contenu C:\Users\sylvain\AppData\Local\Temp effectué ! *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok Certificat OOO-Favorit supprimé ! *** Scan terminé 25/12/2009 21:29:34,74 *** Pour info au redémarrage d el'ordi après le scan MBAM Windows m'affiche que certains programmes d ed émarrage ont été bloqués. J'en ai exactement 27 dont quelques uns où le nom du fabricant est inconnu. Je ne sais pas si je dois réautoriser ces progammes ou les laisser désactivés
  13. Colonel Klinck
    Voilà j'ai suivi tes instructions à la lettre : Voici les résultats du scan MBAM : 25/12/2009 20:06:56 mbam-log-2009-12-25 (20-06-56).txt Type de recherche: Examen complet (C:\|D:\|F:\|G:\|H:\|I:\|) Eléments examinés: 548107 Temps écoulé: 4 hour(s), 2 minute(s), 42 second(s) Processus mémoire infecté(s): 1 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 7 Processus mémoire infecté(s): C:\Program Files\Winsudate\gibsvc.exe (Adware.édité) -> Unloaded process successfully. Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winsvc (Adware.édité) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{49c381e8-56b0-96d3-e42b-f37430f92713} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winusr (Adware.édité) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Program Files\Winsudate (Adware.édité) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Users\sylvain\Local Settings\Application Data\gmmaw_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Users\sylvain\Local Settings\Application Data\gmmaw_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Users\sylvain\Local Settings\Application Data\gmmaw.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Program Files\Winsudate\gibsvc.exe (Adware.édité) -> Quarantined and deleted successfully. C:\Program Files\Winsudate\gibcom.dll (Adware.édité) -> Quarantined and deleted successfully. C:\Program Files\Winsudate\gibidl.dll (Adware.édité) -> Quarantined and deleted successfully. C:\Windows\System32\thxphxdhukxjj.dll-uninst.exe (Trojan.BHO) -> Quarantined and deleted successfully. Et voici le résultat du nouveau Hikjack this : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:23:53, on 25/12/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18865) Boot mode: Normal Running processes: C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\RtHDVCpl.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\hp\kbd\kbd.exe c:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exeLogfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:23:53, on 25/12/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18865) Boot mode: Normal Running processes: C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\RtHDVCpl.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\hp\kbd\kbd.exe c:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\Users\sylvain\Downloads\HiJackThis.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe C:\program files\logitech\quickcam\lu\lulnchr.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: Dragon Age: Origins - Application de mise à jour (DAUpdaterSvc) - BioWare - C:\Users\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\Windows\system32\ezNTSvc.exe O23 - Service: Service Google Update (gupdate1c9b36b4fe3920) (gupdate1c9b36b4fe3920) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 49428 bytes J'ai comme l'impression qu'il y a encore des problèmes ...
  14. Colonel Klinck
    Bonjour, Voici mon problème. Depuis trois jours mon PC rame pendant une bonne demi heure après être arrivé sur la page de présentation windows vista. Cela se caractérise par le fait que le curseur en flêche s'accompagne d'une petite roue en surbrillance qui ne cesse d'apparaitre par intermittence signifiant qu'il "travaille" toujours. A partir de la c'est la croix et la bannière pour utiliser la moindre application. C'est très lent, aussi bien pour un jeu que pour surfer sur le net ou utiliser la moindre application. Ce phénomène dure une bonne demi heure jusqu'à ce que j'ai un message d'alerte Microsoft Windows m'annonçant "La mémoire de votre ordinateur est insuffisante. Pour restaurer suffisamment de mémoire afin que vos programmes fonctionnent correctement enregistrez vos fichiers puis fermez ou redémarrez tous les programmes ouverts." Une fois passée cette annonce les choses redeviennent "normales" mon PC ne rame plus .... J'ai vérifié sa mémoire et ses performances. Je n'ai que 40% du disque dur d'occupé. L'UC utilisée varie entre 12 et 2% et la barre de mémoire physique ne s'èlève qu'à 25%. Soupçonnant une infection de type malware, j'ai lancé un scan via mon antivirus Bitdefender total security premium 2008 qui n'a rien trouvé. Une recherche de spybot 1.62 n'a rien donné non plus. Des recherches sur ce forum m'ont amené à découvrir l'existence d'un malware faisant ramer les PC nommé gibus installant des fichiers.exe associé à ce diminutif via un dossier Winsudate. Or il y a quelques jours, comme une grosse andouille pour rester poli j'ai autorisé l'accès à un programme ressemblant fort à cela en effectuant des mises à jours windows sur le site officiel... et j'ai découvert dans les processus en cours via le dossier Winsudate ce fameux gibus et son cortège (gibusr.exe, gibsvc.exe, gibupt.exe). J'ai pu en virer un après l'avoir désactivé en tant que processus actif mais impossible de supprimer les autres ainsi que le dossier Winsudate. Il m'est signifié que je ne suis pas autorisé à virer ce matériel alors que j'agi en tant qu'administrateur.... Pour l'instant j'en suis là. J'ai pris l'initiative de faire un fichiers Hijack This en vous demandant une analyse ainsi que des conseils au cas où mon ordi serait effectivement vérolé : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:06:16, on 25/12/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18865) Boot mode: Normal Running processes: C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\RtHDVCpl.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\hp\kbd\kbd.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe C:\Windows\system32\taskeng.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\sylvain\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\Windows\system32\ezShellStart.exe O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: Dragon Age: Origins - Application de mise à jour (DAUpdaterSvc) - BioWare - C:\Users\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\Windows\system32\ezNTSvc.exe O23 - Service: Service Google Update (gupdate1c9b36b4fe3920) (gupdate1c9b36b4fe3920) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 13021 bytes
×
×
  • Créer...