eva-chan

bonjour , j'ai re essayer mais ça marche pas du tout ! >.< vous pouvez m'aider ?

ça n'a pas voulu marcher , il me dit accés refusé , je vais re essayer

voiçi le rapport =) ! ComboFix 10-03-26.02 - Administrateur 27/03/2010 23:06:59.2.1 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.503.212 [GMT 1:00] Lancé depuis: c:\documents and settings\Administrateur\Bureau\ComboFix.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Administrateur\Application Data\logs.dat . ---- Exécution préalable ------- . c:\documents and settings\Administrateur\Application Data\logs.dat C:\InfoSat.txt c:\windows\regedit.com c:\windows\system32\Msglixgrx.dll c:\windows\winhelp.ini . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_ABP470N5 -------\Service_abp470n5 -------\Service_poof -------\Legacy_ABP470N5 -------\Service_abp470n5 ((((((((((((((((((((((((((((( Fichiers créés du 2010-02-27 au 2010-03-27 )))))))))))))))))))))))))))))))))))) . 2010-03-27 21:12 . 2010-03-27 21:14 -------- d-----w- C:\FyK 2010-03-27 21:00 . 2010-03-27 21:01 -------- d-----w- C:\rsit 2010-03-27 13:16 . 2010-03-27 13:16 -------- d-----w- c:\windows\Logs 2010-03-27 11:30 . 2010-03-27 12:47 -------- d-----w- C:\files system 2010-03-26 01:12 . 2010-03-27 14:47 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Vuze_Remote 2010-03-26 01:12 . 2010-03-26 01:12 -------- d-----w- c:\program files\Vuze_Remote 2010-03-25 21:29 . 2008-09-27 00:58 121984 ----a-w- c:\windows\system32\drivers\usbvideo.sys 2010-03-20 16:33 . 2010-03-20 16:33 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-03-20 16:30 . 2010-03-20 17:46 -------- d-----w- c:\documents and settings\Administrateur\Application Data\DAEMON Tools Lite 2010-03-20 16:30 . 2010-03-20 16:31 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite 2010-03-19 18:47 . 2010-03-19 18:47 -------- d-----w- c:\program files\Total Uninstall 5 2010-03-19 18:46 . 2010-03-19 18:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Martau 2010-03-19 18:05 . 2010-03-19 18:05 -------- d--h--w- c:\windows\system32\GroupPolicy 2010-03-19 17:59 . 2009-06-30 08:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 2010-03-19 17:58 . 2010-03-19 17:58 -------- d-----w- c:\program files\Panda Security 2010-03-19 12:01 . 2010-03-19 12:01 -------- d-----w- C:\$AVG 2010-03-19 12:00 . 2010-03-19 12:00 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-03-19 12:00 . 2010-03-19 12:00 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2010-03-19 11:59 . 2010-03-20 00:20 -------- d-----w- c:\windows\system32\drivers\Avg 2010-03-19 11:58 . 2010-03-19 11:58 25608 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys 2010-03-19 11:58 . 2010-03-19 11:58 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys 2010-03-19 11:58 . 2010-03-19 11:58 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-03-19 11:58 . 2010-03-19 11:58 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-03-19 11:57 . 2010-03-19 18:52 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9 2010-03-19 11:20 . 2010-03-19 11:20 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-03-19 11:11 . 2010-03-19 16:17 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Temp 2010-03-19 11:11 . 2010-03-19 11:11 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google 2010-03-19 11:11 . 2010-03-19 17:47 -------- d-----w- c:\program files\Google 2010-03-19 11:11 . 2010-03-19 17:47 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Google 2010-03-19 09:16 . 2010-03-19 09:16 -------- d-----w- c:\documents and settings\All Users\Application Data\ZA_PreservedFiles 2010-03-19 09:08 . 2010-03-19 09:08 -------- d-----w- c:\program files\CCleaner 2010-03-19 08:43 . 2010-03-19 09:18 -------- d-----w- c:\program files\CheckPoint 2010-03-19 08:43 . 2010-03-19 08:43 4212 ---ha-w- c:\windows\system32\zllictbl.dat 2010-03-19 08:43 . 2009-10-12 17:15 128016 ----a-w- c:\windows\system32\drivers\kl1.sys 2010-03-18 10:17 . 2010-03-25 02:00 -------- d-----w- c:\documents and settings\Administrateur\Application Data\DMCache 2010-03-16 12:48 . 2010-03-16 12:48 -------- d-----w- c:\program files\iPod 2010-03-16 12:48 . 2010-03-16 12:49 -------- d-----w- c:\program files\iTunes 2010-03-16 12:31 . 2010-03-16 12:31 -------- d-----w- c:\program files\Safari 2010-03-09 18:15 . 2005-01-04 09:43 4682 ----a-w- c:\windows\system32\npptNT2.sys 2010-03-05 10:32 . 2010-03-05 10:32 -------- d-----w- c:\documents and settings\All Users\CyberLink 2010-03-05 08:50 . 2010-03-05 08:50 -------- d-----w- c:\program files\LimeWire 2010-03-04 18:58 . 2010-03-05 08:43 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Online_Sharing 2010-03-04 18:58 . 2010-03-04 18:58 -------- d-----w- c:\program files\Online_Sharing 2010-03-04 18:58 . 2010-03-04 19:21 -------- d-----w- c:\program files\LimeWire Acceleration Patch 2010-03-04 18:46 . 2010-03-27 21:59 -------- d-----w- c:\documents and settings\Administrateur\Application Data\LimeWire . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-27 12:05 . 2010-02-01 19:01 -------- d-----w- c:\documents and settings\Administrateur\Application Data\vlc 2010-03-26 18:39 . 2010-02-06 10:29 -------- d-----w- c:\documents and settings\Administrateur\Application Data\dvdcss 2010-03-24 22:20 . 2010-01-25 13:11 -------- d-----w- c:\program files\Flyff 2010-03-19 12:18 . 2008-04-14 12:00 73166 ----a-w- c:\windows\system32\perfc00C.dat 2010-03-19 12:18 . 2008-04-14 12:00 464690 ----a-w- c:\windows\system32\perfh00C.dat 2010-03-19 12:16 . 2010-01-18 20:43 62560 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-03-17 13:37 . 2010-02-07 17:27 -------- d-----w- c:\program files\KaraFun 2010-03-16 12:48 . 2010-01-20 19:18 -------- d-----w- c:\program files\Fichiers communs\Apple 2010-03-16 12:44 . 2010-01-20 19:19 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Apple Computer 2010-03-16 12:36 . 2010-03-16 12:36 72488 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe 2010-03-16 12:24 . 2010-03-16 12:24 152872 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe 2010-03-09 18:14 . 2010-01-31 19:33 -------- d-----w- c:\program files\Common Files 2010-03-09 11:33 . 2010-01-21 21:31 40592 ---ha-w- c:\windows\system32\mlfcache.dat 2010-03-05 10:36 . 2010-02-07 17:08 -------- d-----w- c:\program files\CyberLink 2010-03-05 10:32 . 2010-02-07 17:11 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink 2010-03-05 10:31 . 2010-01-22 20:15 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-03-05 10:29 . 2010-02-07 17:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Temp 2010-03-05 10:29 . 2010-03-05 10:29 114688 ----a-w- c:\documents and settings\All Users\Application Data\Temp\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\PostBuild.exe 2010-02-22 18:40 . 2010-02-22 18:40 2131336 ----a-w- c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe 2010-02-19 21:18 . 2010-02-19 21:18 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-02-09 10:00 . 2010-02-09 10:00 132274 ----a-w- c:\documents and settings\Administrateur\Application Data\Facebook\uninstall.exe 2010-02-09 10:00 . 2010-02-09 10:00 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Facebook 2010-02-07 19:43 . 2010-02-07 19:43 -------- d-----w- c:\documents and settings\Administrateur\Application Data\PhotoFiltre 2010-02-07 19:43 . 2010-02-07 19:43 -------- d-----w- c:\program files\PhotoFiltre 2010-02-07 19:25 . 2010-02-07 17:07 110592 ----a-w- c:\documents and settings\All Users\Application Data\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\PostBuild.exe 2010-02-07 17:11 . 2010-02-07 17:11 -------- d-----w- c:\documents and settings\Administrateur\Application Data\CyberLink 2010-02-07 15:38 . 2010-02-07 15:38 -------- d-----w- c:\program files\Conduit 2010-02-07 15:38 . 2010-02-07 15:38 -------- d-----w- c:\program files\PHPNukeFR 2010-02-07 15:38 . 2010-02-07 15:38 -------- d-----w- c:\program files\Ilusion Software 2010-02-07 15:15 . 2009-08-24 01:19 -------- d-----w- c:\program files\Notepad++ 2010-02-07 15:02 . 2010-02-07 15:02 -------- d-----w- c:\program files\Mega Bloc Notes 2010-02-07 15:01 . 2010-02-07 15:01 73728 ----a-w- c:\windows\unacev2.dll 2010-02-06 18:44 . 2010-02-06 18:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Alawar Stargaze 2010-02-06 18:42 . 2010-02-06 18:42 -------- d-----w- c:\program files\Alabama Smith - Escape from Pompeii 2010-02-04 09:01 . 2010-03-27 13:18 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll 2010-02-04 09:01 . 2010-03-27 13:18 528216 ----a-w- c:\windows\system32\XAudio2_6.dll 2010-02-04 09:01 . 2010-03-27 13:18 238936 ----a-w- c:\windows\system32\xactengine3_6.dll 2010-02-04 09:01 . 2010-03-27 13:18 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll 2010-02-03 20:56 . 2010-02-03 20:56 -------- d-----w- c:\documents and settings\Administrateur\Application Data\ArcSoft 2010-02-01 22:04 . 2010-02-01 22:04 847040 ----a-w- c:\documents and settings\Administrateur\Application Data\Facebook\axfbootloader.dll 2010-02-01 22:04 . 2010-02-01 22:04 5578752 ----a-w- c:\documents and settings\Administrateur\Application Data\Facebook\npfbplugin_1_0_1.dll 2010-02-01 21:01 . 2009-08-24 00:57 86331 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-02-01 20:54 . 2010-02-01 20:54 -------- d-----w- c:\documents and settings\Administrateur\Application Data\InstallShield 2010-02-01 20:38 . 2010-02-01 20:32 -------- d-----w- c:\program files\DivX 2010-02-01 20:37 . 2010-02-01 20:06 -------- d-----w- c:\documents and settings\Administrateur\Application Data\LG Electronics 2010-02-01 20:34 . 2010-02-01 20:06 -------- d-----w- c:\program files\LG Electronics 2010-02-01 20:05 . 2010-01-31 18:14 -------- d-----w- c:\program files\Fichiers communs\InstallShield 2010-02-01 19:59 . 2010-02-01 19:59 -------- d-----w- c:\documents and settings\Administrateur\Application Data\LGAAS 2010-02-01 19:17 . 2010-02-01 19:16 -------- d-----w- c:\program files\Fichiers communs\ArcSoft 2010-02-01 19:16 . 2010-02-01 19:16 -------- d-----w- c:\program files\Hama 2010-02-01 19:00 . 2010-02-01 19:00 -------- d-----w- c:\program files\VideoLAN 2010-02-01 18:57 . 2010-02-01 18:57 -------- d-----w- c:\documents and settings\Administrateur\Application Data\ImgBurn 2010-02-01 18:53 . 2010-02-01 18:53 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Nero 2010-01-31 19:38 . 2010-01-31 19:12 -------- d-----w- c:\documents and settings\All Users\Application Data\WebcamMax 2010-01-31 19:33 . 2010-01-31 19:33 -------- d-----w- c:\program files\Fichiers communs\PAC207 2010-01-31 19:15 . 2010-01-31 19:07 -------- d-----w- c:\program files\WebcamMax 2010-01-31 19:12 . 2010-01-31 19:12 -------- d-----w- c:\program files\Ask.com 2010-01-31 19:12 . 2010-01-31 19:12 -------- d-----w- c:\documents and settings\Administrateur\Application Data\WebcamMax 2010-01-31 18:37 . 2010-01-31 18:37 -------- d-----w- c:\program files\PhotoInstrument 2010-01-31 18:20 . 2010-01-31 18:20 -------- d-----w- c:\program files\Singular Inversions 2010-01-31 11:44 . 2010-01-31 11:44 -------- d-----w- c:\documents and settings\Administrateur\Application Data\MakeUpPilot . ------- Sigcheck ------- [-] 2008-09-27 . 4BB6301D634C857A5089E8B24C5555E4 . 593408 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe [-] 2008-09-27 . AAC42FD16A1976DE9A0773E740597644 . 693248 . . [5.82] . . c:\windows\system32\comctl32.dll [-] 2008-09-27 . B6BC3773B01BF85B880F56C198EEA90B . 3774464 . . [7.00.6000.20861] . . c:\windows\system32\mshtml.dll [-] 2008-09-27 . 65A2D2BD594EB3E670CECFFEED75FB69 . 2331008 . . [5.1.2600.5586] . . c:\windows\system32\ntoskrnl.exe [-] 2008-09-27 . EF31A8266AF7996746392E4F45502536 . 517632 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll [-] 2008-09-27 . 90B16FF3ACEC94B95BA95AA686442A47 . 879616 . . [7.00.6000.20861] . . c:\windows\system32\wininet.dll [-] 2010-03-19 08:00 . 825BD837D372CB91D665969A7F5A88BB . 287232 . . [------] . . c:\windows\FFDS\explorer.exe [-] 2008-09-27 . BFBBBFE0913E6C9706F97598A6588B8F . 1573888 . . [6.00.2900.5634] . . c:\windows\explorer.exe [-] 2008-09-27 . B2DAB0165523BFDE558AFD51ED0E2544 . 209408 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe [-] 2008-09-27 . A3CA2B158B645447964ADC84FA7E6EE6 . 2207872 . . [5.1.2600.5586] . . c:\windows\system32\ntkrnlpa.exe . ((((((((((((((((((((((((((((( SnapShot@2010-03-27_21.50.08 ))))))))))))))))))))))))))))))))))))))))) . + 2010-03-27 22:12 . 2010-03-27 22:12 16384 c:\windows\temp\Perflib_Perfdata_3c4.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-10-27 1196936] "{1c491116-c175-45e1-a570-6fb14fea8b7b}"= "c:\program files\PHPNukeFR\tbPHPN.dll" [2009-12-31 2349080] "{8567a644-e36c-470c-86cf-9c5b4f37db81}"= "c:\program files\Online_Sharing\tbOnli.dll" [2009-12-31 2349080] "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-03-17 2355224] [HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}] [HKEY_CLASSES_ROOT\clsid\{1c491116-c175-45e1-a570-6fb14fea8b7b}] [HKEY_CLASSES_ROOT\clsid\{8567a644-e36c-470c-86cf-9c5b4f37db81}] [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}] 2009-12-31 10:53 2349080 ----a-w- c:\program files\PHPNukeFR\tbPHPN.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8567a644-e36c-470c-86cf-9c5b4f37db81}] 2009-12-31 10:53 2349080 ----a-w- c:\program files\Online_Sharing\tbOnli.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] 2010-03-17 14:45 2355224 ----a-w- c:\program files\Vuze_Remote\tbVuze.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2009-10-27 12:48 1196936 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-10-27 1196936] "{1c491116-c175-45e1-a570-6fb14fea8b7b}"= "c:\program files\PHPNukeFR\tbPHPN.dll" [2009-12-31 2349080] "{8567a644-e36c-470c-86cf-9c5b4f37db81}"= "c:\program files\Online_Sharing\tbOnli.dll" [2009-12-31 2349080] "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-03-17 2355224] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CLASSES_ROOT\clsid\{1c491116-c175-45e1-a570-6fb14fea8b7b}] [HKEY_CLASSES_ROOT\clsid\{8567a644-e36c-470c-86cf-9c5b4f37db81}] [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-10-27 1196936] "{1C491116-C175-45E1-A570-6FB14FEA8B7B}"= "c:\program files\PHPNukeFR\tbPHPN.dll" [2009-12-31 2349080] "{8567A644-E36C-470C-86CF-9C5B4F37DB81}"= "c:\program files\Online_Sharing\tbOnli.dll" [2009-12-31 2349080] "{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\tbVuze.dll" [2010-03-17 2355224] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CLASSES_ROOT\clsid\{1c491116-c175-45e1-a570-6fb14fea8b7b}] [HKEY_CLASSES_ROOT\clsid\{8567a644-e36c-470c-86cf-9c5b4f37db81}] [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WinMover"="c:\program files\WinMover\WinMover.exe" [2005-12-02 10240] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "WebcamMaxAutoRun"="c:\program files\WebcamMax\WebcamMax.exe" [2009-12-30 5946000] "HKCU"="c:\windows\FFDS\explorer.exe" [2010-03-19 287232] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-09-27 209408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "igfxtray"="c:\windows\system32\igfxtray.exe" [2006-02-07 163840] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-02-07 151552] "igfxpers"="c:\windows\system32\igfxpers.exe" [2006-02-07 118784] "VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2008-06-29 52168] "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 323584] "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 245760] "HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2004-02-18 122880] "QuickTime Task"="c:\program files\QT Lite\QTTask.exe" [2009-11-10 417792] "PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 397312] "PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 393216] "Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 393216] "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 296232] "YouCam Mirror Tray icon"="c:\program files\CyberLink\YouCam\YouCamTray.exe" [2009-06-11 232544] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608] "AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2010-02-17 255296] "HKLM"="c:\windows\FFDS\explorer.exe" [2010-03-19 287232] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "JkDefrag"="advpack.dll" [2008-08-28 124928] "SweetRegistry"="advpack.dll" [2008-08-28 124928] [HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run] "Policies"="c:\windows\FFDS\explorer.exe" [2010-03-19 287232] [HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run] "Policies"="c:\windows\FFDS\explorer.exe" [2010-03-19 287232] c:\documents and settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\ LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-2-19 577536] Lotus QuickStart.lnk - c:\lotus\wordpro\ltsstart.exe [1997-1-10 16384] Lotus SuiteStart 97.lnk - c:\lotus\smartctr\suitest.exe [1997-2-18 109056] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Monitor.lnk - c:\program files\Hama\Hama Digital Software Suite\Media Card Companion\MCC Monitor.exe [2010-2-1 192512] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 1 (0x1) "DisableRegistryTools"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "HideRunAsVerb"= 1 (0x1) "NoNetConnectDisconnect"= 1 (0x1) "NoResolveTrack"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) "NoSMBalloonTip"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) "NoSMHelp"= 1 (0x1) "NoStrCmpLogical"= 0 (0x0) "NoWelcomeScreen"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoResolveTrack"= 1 (0x1) "NoSMBalloonTip"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) "NoSMHelp"= 1 (0x1) "NoStrCmpLogical"= 0 (0x0) "NoWelcomeScreen"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2010-03-19 12:00 12464 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 "AntiVirusDisableNotify"=dword:00000001 "FirewallDisableNotify"=dword:00000001 "FirewallOverride"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "UacDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Flyff\\Flyff.exe"= "c:\\Program Files\\iTunes\\iTunesHelper.exe"= "c:\\Program Files\\HP\\hpcoretech\\soln\\HPOSM.exe"= "c:\\WINDOWS\\PixArt\\PAC7302\\Monitor.exe"= "c:\\WINDOWS\\PixArt\\PAC207\\Monitor.exe"= "c:\\Program Files\\HP\\hpcoretech\\comp\\hptskmgr.exe"= "c:\\WINDOWS\\system32\\netsh.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Hama\\Hama Digital Software Suite\\Media Card Companion\\MCC Monitor.exe"= "c:\\WINDOWS\\system32\\igfxtray.exe"= "c:\\lotus\\smartctr\\suitest.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\CyberLink\\YouCam\\YouCamTray.exe"= "c:\\lotus\\wordpro\\ltsstart.exe"= "c:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe"= "c:\\Program Files\\Fichiers communs\\Apple\\Mobile Device Support\\bin\\SyncServer.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\WINDOWS\\system32\\scrnsave.scr"= "c:\\Program Files\\Elaborate Bytes\\VirtualCloneDrive\\VCDDaemon.exe"= "c:\\Program Files\\CyberLink\\YouCam\\MUITransfer\\MUIStartMenu.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb10.exe"= "c:\\WINDOWS\\system32\\hkcmd.exe"= "c:\\Program Files\\Movie Maker\\moviemk.exe"= "c:\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winhuyil.exe"= R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [19/03/2010 12:58 25608] R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [19/03/2010 12:58 161800] R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [19/03/2010 18:59 28552] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20/03/2010 17:33 691696] R0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\drivers\tffsport.sys [06/02/2010 18:21 149376] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [19/03/2010 12:58 333192] R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [19/03/2010 12:58 360584] S2 AVGIDSAgent;AVG9IDSAgent;"c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe" AVGIDSAgent --> c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [?] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 PAC207;PC Camera;c:\windows\system32\drivers\PFC027.SYS [25/10/2007 18:31 616064] --- Autres Services/Pilotes en mémoire --- *NewlyCreated* - ABP470N5 [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] 2008-08-28 14:35 124928 ----a-w- c:\windows\system32\advpack.dll [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5R031VK4-131F-5R31-O2K6-437T170R7688}] 2010-03-19 08:00 287232 --sh--r- c:\windows\FFDS\explorer.exe . Contenu du dossier 'Tâches planifiées' 2010-01-31 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job - c:\program files\Ask.com\UpdateTask.exe [2009-10-27 12:48] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2102473 mStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = *.local ucustomizesearch = hxxp://www.google.com/ie usearchassistant = hxxp://www.google.com/ie IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\ FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://google.com FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=CLM&o=15427&locale=fr_US&q= FF - plugin: c:\documents and settings\Administrateur\Application Data\Facebook\npfbplugin_1_0_1.dll . . ------- Associations de fichier ------- . . - - - - ORPHELINS SUPPRIMES - - - - AddRemove-HijackThis - c:\documents and settings\Administrateur\Mes documents\Téléchargements\HijackThis.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-27 23:13 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... c:\program files\Internet Explorer\iexplore.exe [1644] 0x81F7EDA0 Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spyf.sys >>UNKNOWN [0x82DCB938]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf865ff28 \Driver\ACPI -> ACPI.sys @ 0xf83e6cb8 \Driver\atapi -> atapi.sys @ 0xf835db40 IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579022 ParseProcedure -> ntkrnlpa.exe @ 0x80577c84 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579022 ParseProcedure -> ntkrnlpa.exe @ 0x80577c84 NDIS: Intel® PRO/100 VE Network Connection -> SendCompleteHandler -> NDIS.sys @ 0xf8240bb0 PacketIndicateHandler -> NDIS.sys @ 0xf822fa0d SendHandler -> NDIS.sys @ 0xf8243b40 user & kernel MBR OK ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) "scansk"=hex(0):42,bd,fb,3a,63,f6,e9,4b,71,f0,c9,3e,67,c5,99,7d,6d,ad,d8,8d,7b, 77,f6,3b,60,39,99,de,16,94,91,1e,6d,fe,e1,c7,7b,59,10,73,00,00,00,00,00,00,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{c57df69a-8b20-48ae-bab5-5aad5cdc8f03}] @Denied: (Full) (Everyone) "Model"=dword:00000052 "Therad"=dword:00000007 . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1476) c:\windows\system32\SETUPAPI.dll c:\windows\system32\COMRes.dll c:\windows\system32\cscui.dll - - - - - - - > 'lsass.exe'(1756) c:\windows\system32\scecli.dll c:\windows\system32\SETUPAPI.dll - - - - - - - > 'explorer.exe'(8212) c:\windows\system32\SHDOCVW.dll c:\windows\system32\COMRes.dll c:\windows\System32\cscui.dll c:\windows\system32\msi.dll c:\windows\system32\SETUPAPI.dll c:\windows\system32\NETSHELL.dll c:\windows\system32\credui.dll c:\windows\system32\MSVCP60.dll c:\windows\system32\eappprxy.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\system32\wscntfy.exe c:\docume~1\ADMINI~1\LOCALS~1\Temp\winhuyil.exe c:\windows\system32\scrnsave.scr . ************************************************************************** . Heure de fin: 2010-03-27 23:21:40 - La machine a redémarré ComboFix-quarantined-files.txt 2010-03-27 22:21 Avant-CF: 71 893 352 448 octets libres Après-CF: 71 873 892 352 octets libres - - End Of File - - 645F0886BEDC6BB507AC0DF7D10C9059

D'accord =)

Au fait , j'ai deux ordi qui ont le même problème , je commence par réparer celui ci puis j'ouvrirai un autre sujet pour l'autre =) Rapport 1 =) : Logfile of random's system information tool 1.06 (written by random/random) Run by Administrateur at 2010-03-27 22:01:57 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 68 GB (59%) free of 114 GB Total RAM: 503 MB (17% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:01:58, on 27/03/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.20861) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\FFDS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\WINDOWS\PixArt\PAC7302\Monitor.exe C:\WINDOWS\PixArt\PAC207\Monitor.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Hama\Hama Digital Software Suite\Media Card Companion\MCC Monitor.exe C:\Program Files\LimeWire\LimeWire.exe C:\lotus\wordpro\ltsstart.exe C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\iPod\bin\iPodService.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kylte.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Notepad++\notepad++.exe C:\Program Files\Notepad++\notepad++.exe C:\Program Files\Notepad++\notepad++.exe C:\Program Files\Notepad++\notepad++.exe C:\Documents and Settings\Administrateur\Bureau\RSIT.exe C:\Program Files\HijackThis\HiJackThis\Administrateur.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2102473 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll R3 - URLSearchHook: Online Sharing Toolbar - {8567a644-e36c-470c-86cf-9c5b4f37db81} - C:\Program Files\Online_Sharing\tbOnli.dll R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Online Sharing Toolbar - {8567a644-e36c-470c-86cf-9c5b4f37db81} - C:\Program Files\Online_Sharing\tbOnli.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll O3 - Toolbar: Online Sharing Toolbar - {8567a644-e36c-470c-86cf-9c5b4f37db81} - C:\Program Files\Online_Sharing\tbOnli.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QT Lite\QTTask.exe" -atboottime O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [HKLM] C:\WINDOWS\FFDS\explorer.exe O4 - HKCU\..\Run: [WinMover] "C:\Program Files\WinMover\WinMover.exe" /q O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files\WebcamMax\WebcamMax.exe" -a O4 - HKCU\..\Run: [HKCU] C:\WINDOWS\FFDS\explorer.exe O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\FFDS\explorer.exe O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\FFDS\explorer.exe O4 - HKUS\S-1-5-20\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [sweetRegistry] rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Startup: Lotus QuickStart.lnk = C:\lotus\wordpro\ltsstart.exe O4 - Startup: Lotus SuiteStart 97.lnk = C:\lotus\smartctr\suitest.exe O4 - Global Startup: Monitor.lnk = C:\Program Files\Hama\Hama Digital Software Suite\Media Card Companion\MCC Monitor.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - Unknown owner - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (file missing) O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) -- End of file - 9331 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}] PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHPN.dll [2009-12-31 2349080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8567a644-e36c-470c-86cf-9c5b4f37db81}] Online Sharing Toolbar - C:\Program Files\Online_Sharing\tbOnli.dll [2009-12-31 2349080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\tbVuze.dll [2010-03-17 2355224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-10-27 1196936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}] FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2007-05-16 191096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-10-27 1196936] {1c491116-c175-45e1-a570-6fb14fea8b7b} - PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHPN.dll [2009-12-31 2349080] {8567a644-e36c-470c-86cf-9c5b4f37db81} - Online Sharing Toolbar - C:\Program Files\Online_Sharing\tbOnli.dll [2009-12-31 2349080] {ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\tbVuze.dll [2010-03-17 2355224] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-02-07 163840] "igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-02-07 151552] "igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-02-07 118784] "VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2008-06-29 52168] "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664] "HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-04 172032] "HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [2004-02-18 49152] "QuickTime Task"=C:\Program Files\QT Lite\QTTask.exe [2009-11-10 417792] "PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 397312] "PAC207_Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488] "Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 296232] "YouCam Mirror Tray icon"=C:\Program Files\CyberLink\YouCam\YouCamTray.exe [2009-06-11 232544] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-02-15 141608] "AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2010-02-17 255296] "HKLM"=C:\WINDOWS\FFDS\explorer.exe [2010-03-19 287232] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "Policies"=C:\WINDOWS\FFDS\explorer.exe [2010-03-19 287232] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WinMover"=C:\Program Files\WinMover\WinMover.exe [2005-12-02 10240] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-09-27 209408] "WebcamMaxAutoRun"=C:\Program Files\WebcamMax\WebcamMax.exe [2009-12-30 5946000] "HKCU"=C:\WINDOWS\FFDS\explorer.exe [2010-03-19 287232] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "Policies"=C:\WINDOWS\FFDS\explorer.exe [2010-03-19 287232] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Monitor.lnk - C:\Program Files\Hama\Hama Digital Software Suite\Media Card Companion\MCC Monitor.exe C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe Lotus QuickStart.lnk - C:\lotus\wordpro\ltsstart.exe Lotus SuiteStart 97.lnk - C:\lotus\smartctr\suitest.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] C:\WINDOWS\system32\avgrsstx.dll [2010-03-19 12464] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2006-02-07 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 200064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"=C:\WINDOWS\system32\ieframe.dll [2008-09-27 7634944] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"=1 "DisableTaskMgr"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=1 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLUA"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "ForceClassicControlPanel"=1 "NoDesktopCleanupWizard"=1 "NoInstrumentation"=1 "NoResolveSearch"=1 "NoResolveTrack"=1 "NoSMBalloonTip"=1 "NoSMConfigurePrograms"=1 "NoSMHelp"=1 "NoStartMenuMFUprogramsList"=1 "NoStrCmpLogical"=0 "NoWelcomeScreen"=1 "NoDrives"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "HideRunAsVerb"= "NoActiveDesktop"= "NoDriveTypeAutoRun"= "NoInstrumentation"= "NoResolveTrack"= "NoSetActiveDesktop"= "NoStartMenuMFUprogramsList"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:ipsec" "C:\Program Files\Flyff\Flyff.exe"="C:\Program Files\Flyff\Flyff.exe:*:Enabled:ipsec" "C:\Program Files\iTunes\iTunesHelper.exe"="C:\Program Files\iTunes\iTunesHelper.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winqatl.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winqatl.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\windwrgo.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\windwrgo.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\conk.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\conk.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ydyab.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ydyab.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ratfeu.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ratfeu.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\vspjx.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\vspjx.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmeuk.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmeuk.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmepxbb.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmepxbb.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winvqldnq.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winvqldnq.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lpsp.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lpsp.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winadqt.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winadqt.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ipyo.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ipyo.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\windsedc.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\windsedc.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\slfd.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\slfd.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\btrqek.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\btrqek.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winplca.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winplca.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winvxqv.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winvxqv.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winuclbm.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winuclbm.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winsdmbow.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winsdmbow.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qlly.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qlly.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxhfyl.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxhfyl.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mqux.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mqux.exe:*:Enabled:ipsec" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:ipsec" "C:\Program Files\HP\hpcoretech\soln\HPOSM.exe"="C:\Program Files\HP\hpcoretech\soln\HPOSM.exe:*:Enabled:ipsec" "C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingxgy.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingxgy.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winbqmvm.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winbqmvm.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winkrlc.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winkrlc.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kwwvck.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kwwvck.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlflwn.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winlflwn.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxfvwh.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winxfvwh.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\fpoq.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\fpoq.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmgqj.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmgqj.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwdhav.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winwdhav.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\krdbb.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\krdbb.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winaabryt.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winaabryt.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\utcu.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\utcu.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winqggmh.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winqggmh.exe:*:Enabled:ipsec" "C:\Program Files\McAfee Security Scan\1.0.150\McUICnt.exe"="C:\Program Files\McAfee Security Scan\1.0.150\McUICnt.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winjxdsdh.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winjxdsdh.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ryhd.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ryhd.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wineckshb.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wineckshb.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wincvtb.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wincvtb.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\dgvfyv.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\dgvfyv.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mkyn.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mkyn.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingacd.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingacd.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pidwiu.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pidwiu.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\windeiklo.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\windeiklo.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\padn.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\padn.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winuywyco.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winuywyco.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winukyvtv.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winukyvtv.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gyptoh.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gyptoh.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winvubpe.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winvubpe.exe:*:Enabled:ipsec" "C:\WINDOWS\PixArt\PAC7302\Monitor.exe"="C:\WINDOWS\PixArt\PAC7302\Monitor.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmcknar.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmcknar.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winjryfoe.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winjryfoe.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingjxyrr.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingjxyrr.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winrojn.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winrojn.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lssmf.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lssmf.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winkpxu.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winkpxu.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pnvs.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pnvs.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\windsle.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\windsle.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wkkdy.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wkkdy.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\doysj.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\doysj.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ibric.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ibric.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ttpuo.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ttpuo.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winfjaf.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winfjaf.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nyhshk.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nyhshk.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winbctr.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winbctr.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\dnolt.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\dnolt.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winbthbat.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winbthbat.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uctvx.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uctvx.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nxicx.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nxicx.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winullwl.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winullwl.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wccx.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wccx.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\avqglv.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\avqglv.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winkbgpjg.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winkbgpjg.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winsrdsih.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winsrdsih.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winhgufbm.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winhgufbm.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmxhsj.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmxhsj.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winfevup.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winfevup.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cdcxs.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cdcxs.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winjxqp.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winjxqp.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kxmwky.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kxmwky.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winhijaw.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winhijaw.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nhugsh.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nhugsh.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gayumx.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gayumx.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\glcsb.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\glcsb.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wintpqvqx.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wintpqvqx.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\omubkd.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\omubkd.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winiypvh.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winiypvh.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmycvk.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winmycvk.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winfyphx.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winfyphx.exe:*:Enabled:ipsec" "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingonqol.exe"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\wingonqol.exe:*:Enabled:ipsec" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c714161-1106-11df-a888-0016d4bf6d27}] shell\AutopLaY\command - E:\qbwiix.pif shell\AutoRun\command - E:\qbwiix.pif shell\explore\command - E:\qbwiix.pif shell\Open\command - E:\qbwiix.pif [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{511b0e66-23de-11df-a8aa-0016d4bf6d27}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7362bfee-0a6d-11df-a879-0016d4bf6d27}] shell\Autoplay\command - D:\vtcwd.pif shell\AutoRun\command - D:\vtcwd.pif shell\ExplORE\command - D:\vtcwd.pif shell\Open\command - D:\vtcwd.pif [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8603fe32-93b3-11de-a860-0016d4bf6d27}] shell\??\command - taipingtianguov1.1.exe shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL taipingtianguov1.1.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8ca07290-9b5e-11de-a865-0016d4bf6d27}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL bouha_diable.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9b387b82-1240-11df-a88b-0016d4bf6d27}] shell\AutopLaY\command - D:\qbwiix.pif shell\AutoRun\command - D:\qbwiix.pif shell\explore\command - D:\qbwiix.pif shell\Open\command - D:\qbwiix.pif [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a9d68339-92f1-11de-a85d-0016d4bf6d27}] shell\AutoRun\command - F:\photos.exe shell\explore\command - F:\photos.exe shell\open\command - F:\photos.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbed0a2c-9055-11de-bfa1-806d6172696f}] shell\AutoRun\command - D:\LGInstaller.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dcca1924-14da-11df-a892-0016d4bf6d27}] shell\auToPlaY\command - D:\nctwv.exe shell\AutoRun\command - D:\nctwv.exe shell\ExploRE\command - D:\nctwv.exe shell\OpeN\command - D:\nctwv.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e23245e4-38c5-11df-add5-0016d4bf6d27}] shell\autoPlay\command - D:\epskp.pif shell\AutoRun\command - D:\epskp.pif shell\eXpLore\command - D:\epskp.pif shell\oPeN\command - D:\epskp.pif [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea90d756-09b2-11df-a878-0016d4bf6d27}] shell\AutoRun\command - fbak.exe shell\open\command - fbak.exe ======List of files/folders created in the last 1 months====== 2010-03-27 22:00:55 ----D---- C:\rsit 2010-03-27 16:14:35 ----D---- C:\Program Files\HijackThis 2010-03-27 14:18:40 ----A---- C:\WINDOWS\system32\XAudio2_6.dll 2010-03-27 14:18:40 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll 2010-03-27 14:18:40 ----A---- C:\WINDOWS\system32\xactengine3_6.dll 2010-03-27 14:18:39 ----A---- C:\WINDOWS\system32\XAudio2_5.dll 2010-03-27 14:18:39 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll 2010-03-27 14:18:38 ----A---- C:\WINDOWS\system32\xactengine3_5.dll 2010-03-27 14:18:37 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll 2010-03-27 14:18:36 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll 2010-03-27 14:18:35 ----A---- C:\WINDOWS\system32\d3dx11_42.dll 2010-03-27 14:18:35 ----A---- C:\WINDOWS\system32\d3dx10_42.dll 2010-03-27 14:18:34 ----A---- C:\WINDOWS\system32\D3DX9_42.dll 2010-03-27 14:18:33 ----A---- C:\WINDOWS\system32\D3DX9_41.dll 2010-03-27 14:18:33 ----A---- C:\WINDOWS\system32\d3dx10_41.dll 2010-03-27 14:18:33 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll 2010-03-27 14:18:31 ----A---- C:\WINDOWS\system32\XAudio2_4.dll 2010-03-27 14:18:31 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll 2010-03-27 14:18:30 ----A---- C:\WINDOWS\system32\xactengine3_4.dll 2010-03-27 14:18:30 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll 2010-03-27 14:16:34 ----D---- C:\WINDOWS\Logs 2010-03-27 12:30:38 ----D---- C:\files system 2010-03-26 02:12:45 ----D---- C:\Program Files\Vuze_Remote 2010-03-23 22:00:44 ----A---- C:\WINDOWS\regedit.com 2010-03-20 17:30:58 ----D---- C:\Documents and Settings\Administrateur\Application Data\DAEMON Tools Lite 2010-03-20 17:30:51 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite 2010-03-19 19:47:06 ----D---- C:\Program Files\Total Uninstall 5 2010-03-19 19:46:52 ----D---- C:\Documents and Settings\All Users\Application Data\Martau 2010-03-19 19:05:02 ----HD---- C:\WINDOWS\system32\GroupPolicy 2010-03-19 18:58:20 ----D---- C:\Program Files\Panda Security 2010-03-19 18:47:42 ----D---- C:\Documents and Settings\All Users\Application Data\Google 2010-03-19 13:01:12 ----HD---- C:\$AVG 2010-03-19 13:00:09 ----A---- C:\WINDOWS\system32\avgrsstx.dll 2010-03-19 12:57:44 ----D---- C:\Documents and Settings\All Users\Application Data\avg9 2010-03-19 12:11:01 ----D---- C:\Program Files\Google 2010-03-19 10:16:07 ----D---- C:\Documents and Settings\All Users\Application Data\ZA_PreservedFiles 2010-03-19 10:08:10 ----D---- C:\Program Files\CCleaner 2010-03-19 09:43:35 ----D---- C:\Program Files\CheckPoint 2010-03-18 11:17:50 ----D---- C:\Documents and Settings\Administrateur\Application Data\DMCache 2010-03-16 13:48:46 ----D---- C:\Program Files\iPod 2010-03-16 13:48:28 ----D---- C:\Program Files\iTunes 2010-03-16 13:31:16 ----D---- C:\Program Files\Safari 2010-03-05 09:50:14 ----D---- C:\Program Files\LimeWire 2010-03-04 19:58:39 ----D---- C:\Program Files\Online_Sharing 2010-03-04 19:58:29 ----D---- C:\Program Files\LimeWire Acceleration Patch 2010-03-04 19:46:47 ----D---- C:\Documents and Settings\Administrateur\Application Data\LimeWire ======List of files/folders modified in the last 1 months====== 2010-03-27 19:15:11 ----D---- C:\Program Files\Mozilla Firefox 2010-03-27 19:13:24 ----D---- C:\WINDOWS\system32\drivers 2010-03-27 18:51:55 ----D---- C:\WINDOWS 2010-03-27 16:15:01 ----RD---- C:\Program Files 2010-03-27 15:44:47 ----D---- C:\WINDOWS\Temp 2010-03-27 14:18:58 ----D---- C:\WINDOWS\system32\CatRoot 2010-03-27 14:18:41 ----D---- C:\WINDOWS\system32\DirectX 2010-03-27 14:18:40 ----HD---- C:\WINDOWS\inf 2010-03-27 14:18:40 ----D---- C:\WINDOWS\system32 2010-03-27 14:16:56 ----D---- C:\WINDOWS\system32\CatRoot2 2010-03-27 13:05:04 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc 2010-03-26 19:39:19 ----D---- C:\Documents and Settings\Administrateur\Application Data\dvdcss 2010-03-26 19:21:41 ----A---- C:\WINDOWS\NeroDigital.ini 2010-03-26 12:06:29 ----D---- C:\WINDOWS\Album 2010-03-24 23:20:38 ----D---- C:\Program Files\Flyff 2010-03-23 21:57:13 ----SHD---- C:\System Volume Information 2010-03-23 21:57:13 ----D---- C:\WINDOWS\system32\Restore 2010-03-22 22:56:33 ----D---- C:\WINDOWS\Minidump 2010-03-19 19:54:48 ----SHD---- C:\WINDOWS\Installer 2010-03-19 19:07:09 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft 2010-03-19 18:47:42 ----SD---- C:\WINDOWS\Tasks 2010-03-19 13:18:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-03-19 12:57:42 ----D---- C:\WINDOWS\WinSxS 2010-03-19 12:36:24 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-03-17 14:37:44 ----D---- C:\Program Files\KaraFun 2010-03-16 13:48:45 ----D---- C:\Program Files\Fichiers communs\Apple 2010-03-16 13:44:46 ----D---- C:\Documents and Settings\Administrateur\Application Data\Apple Computer 2010-03-09 19:14:06 ----D---- C:\Program Files\Common Files 2010-03-09 11:00:18 ----D---- C:\WINDOWS\SoftwareDistribution 2010-03-05 11:36:07 ----D---- C:\Program Files\CyberLink 2010-03-05 11:32:48 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink 2010-03-05 11:31:48 ----HD---- C:\Program Files\InstallShield Installation Information 2010-03-05 11:31:21 ----RSD---- C:\WINDOWS\Fonts 2010-03-05 11:29:22 ----D---- C:\Documents and Settings\All Users\Application Data\Temp ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-03-19 333192] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-03-19 28424] R1 AvgTdiX;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-03-19 360584] R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-09-27 14720] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-09-27 8832] R2 rspndr;Répondeur de découverte de topologie de la couche de liaison; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2008-05-29 62848] R3 abp470n5;abp470n5; \??\C:\WINDOWS\system32\drivers\qtpqnl.sys [] R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-09-27 13952] R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2007-11-16 165496] R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-02-07 1399615] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-20 21248] R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2008-09-27 6912] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-24 30336] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-09-27 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-09-27 20608] R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2008-07-17 28672] R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2007-09-20 207488] R3 w29n51;Pilote de carte de connexion réseau Intel® PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2008-01-07 2216064] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-09-27 17024] S3 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808] S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760] S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-09-27 10368] S3 mbr;mbr; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mbr.sys [] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-09-27 12288] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-09-27 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-09-27 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-09-27 10880] S3 PAC207;PC Camera; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-10-25 616064] S3 PAC7302;Eye 312; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-09-27 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-09-27 15232] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-09-27 60032] S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-09-27 32128] S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968] S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-09-27 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-09-27 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-09-27 26368] S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-09-27 121984] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-09-13 38528] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-09-27 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-09-13 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-02-15 545576] S2 AVGIDSAgent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe AVGIDSAgent [] S2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 139264] S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2010-02-24 3411964] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S4 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S4 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2008-09-13 918016] -----------------EOF----------------- 2éme rapport : =) info.txt logfile of random's system information tool 1.06 2010-03-27 22:01:07 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001} Adobe Shockwave Player-->MsiExec.exe /X{54E4B63C-D252-454C-BE4F-468F102B331C} Alabama Smith - Escape from Pompeii Cracked by Cryptic-->"C:\Program Files\Alabama Smith - Escape from Pompeii\unins000.exe" Apple Application Support-->MsiExec.exe /I{E1B2DF7C-A176-4A1D-9D32-3CEC5037A524} Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE} Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" ClearType Tuning-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,ClearTypeCPL.Uninstall Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins000.exe" Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007-->MsiExec.exe /X{90120000-00B2-040C-0000-0000000FF1CE} CPU-Z-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,CPUZ.Uninstall CurrPorts-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,CurrPorts.Uninstall CyberLink PowerProducer-->"C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall CyberLink PowerProducer-->"C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall DAMN NFO Viewer Setup-->MsiExec.exe /I{D5DE2E28-2BA1-4CF8-A4C5-D3D2AE0A9E38} Eye 312-->"C:\Program Files\InstallShield Installation Information\{6EA3A8A6-4B6B-4288-B8FB-3EB11A403ED3}\setup.exe" -runfromtemp -l0x040c -removeonly FaceGen Modeller 3.1-->MsiExec.exe /I{332B1B33-D0EE-4A0A-AB2F-12BF56BCE1C3} FlashFXP v3-->"C:\Program Files\FlashFXP\Uninstall.exe" "C:\Program Files\FlashFXP\install.log" -u GoRC-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,GoRC.Uninstall GPU-Z-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,GPUZ.Uninstall Hama Digital Software Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3898C20-7186-499F-8CCC-A57C3F13B13C}\Setup.exe" -l0x40c HD Tune-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,HDTune.Uninstall HijackThis 2.0.2-->"C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\HijackThis.exe" /uninstall HP Deskjet 3840-->msiexec /x{B1591C79-1C35-4E09-AA15-F7D6923AFB96} HP Software Update-->MsiExec.exe /X{B81023A5-71ED-46EB-BE3B-9F974D1155F1} HWMonitor-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,HWMonitor.Uninstall ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Intel® Graphics Media Accelerator Driver for Mobile-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592 iTunes-->MsiExec.exe /I{81063354-9060-42B2-A000-1EBE96778AA9} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} JkDefrag-->rundll32.exe advpack.dll,LaunchINFSection JKDEFRAG.INF,JkDefrag.Uninstall KaraFun Studio 1.10a-->"C:\Program Files\KaraFun\unins000.exe" L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall LG MC USB Modem driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6059C682-4C5F-4106-8487-943E98225D3B}\setup.exe" -l0x40c -removeonly LG USB Modem Drivers-->MsiExec.exe /I{FA02ACAC-9E14-4878-A257-92A22A647C2C} LimeWire PRO 5.4.8-->"C:\Program Files\LimeWire\uninstall.exe" Lotus SmartSuite 97-->C:\WINDOWS\lunin10.exe /T SmartSuite /V 97.0 /I "c:\lotus\suit.inf" /C "c:\lotus\cinstall.ini" /O /L FR Mega Bloc Notes 5.2.0-->C:\Program Files\Mega Bloc Notes\desinstall.exe MemTest-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,MemTest.Uninstall Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft DirectX Control Panel 9.0c-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,DirectXCPL.Uninstall Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} MiroViewExpress-->"C:\WINDOWS\IFinst27.exe" -UC:\Program Files\MiroView Express\IFU40.inf MobileMe Control Panel-->MsiExec.exe /I{1E5E2F9A-17D3-45CA-8FF0-B0C2927D4B03} Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe Mozilla Firefox (3.5.-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Nero 8 Lite 8.3.6.0-->"C:\Program Files\Nero\unins000.exe" Nero Info Tool-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,InfoTool.Uninstall Notepad++-->C:\Program Files\Notepad++\uninstall.exe Online_Sharing Toolbar-->C:\PROGRA~1\ONLINE~1\UNWISE.EXE /U C:\PROGRA~1\ONLINE~1\INSTALL.LOG Open Command Prompt Shell Extension-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,CmdOpen.Uninstall Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe PC Camera-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{C679F9B9-C65D-4C65-BD6C-BF90B859E281} /l1036 PhotoInstrument 2.0-->"C:\Program Files\PhotoInstrument\unins000.exe" PHPNukeFR Toolbar-->C:\PROGRA~1\PHPNUK~1\UNWISE.EXE /U C:\PROGRA~1\PHPNUK~1\INSTALL.LOG Pserv-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,Pserv.Uninstall PuTTY-->rundll32.exe advpack.dll,LaunchINFSection PuTTY.inf,PuTTY.Uninstall QT Lite 2.7.0-->"C:\Program Files\QT Lite\unins000.exe" QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe Quicksys RegDefrag-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,RegDefrag.Uninstall QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2} Real Alternative 1.8.4 Lite-->"C:\Program Files\Real Alternative\unins000.exe" RegScanner-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,RegScanner.Uninstall SABnzbd (remove only)-->"C:\Program Files\SABnzbd\uninstall.exe" SABnzbOpen v1.0-->"C:\Program Files\SABnzbOpen\unins000.exe" Safari-->MsiExec.exe /I{A67BB21E-D419-45BB-AB86-7D87D14BBCE2} Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E} Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26} Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4} Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77} Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Sysinternals Suite-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,Sysinternals.Uninstall Total Uninstall 5.5.1-->"C:\Program Files\Total Uninstall 5\unins000.exe" Tweak UI-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,TweakUI.Uninstall Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756} Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Outlook 2007 Junk Email Filter (kb956080)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {96CC215F-3F22-4E1E-A101-F0041934A456} Utilitaires Gnu Unix-->rundll32.exe advpack.dll,LaunchINFSection KALUNIX.INF,Uninstall VirtualCloneDrive-->"C:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\VirtualCloneDrive" Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" VLC media player 1.0.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe Vuze_Remote Toolbar-->C:\PROGRA~1\VUZE_R~1\UNWISE.EXE /U C:\PROGRA~1\VUZE_R~1\INSTALL.LOG WebcamMax-->"C:\Program Files\WebcamMax\uninst.exe" WebMate-->"C:\Program Files\InstallShield Installation Information\{40B6D0B4-301A-4020-869F-2E3936E02299}\setup.exe" -runfromtemp -l0x040c -removeonly Windows Installer CleanUp-->rundll32.exe advpack.dll,LaunchINFSection SWTUTILS.INF,MSI.Uninstall Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Safety Scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT WinMover 3.2.0.6-->"C:\Program Files\WinMover\unins000.exe" XnView 1.94-->"C:\Program Files\XnView\unins000.exe" XnView Shell Extension 2.4.0-->"C:\Program Files\XnView\ShellEx\unins000.exe" ======System event log====== Computer Name: SWEET-57CB51F8B Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 3 Uniprocessor Free. Record Number: 2743 Source Name: EventLog Time Written: 20100301195648.000000+060 Event Type: Informations User: Computer Name: SWEET-57CB51F8B Event Code: 6006 Message: Le service d'Enregistrement d'événement a été arrêté. Record Number: 2742 Source Name: EventLog Time Written: 20100228232200.000000+060 Event Type: Informations User: Computer Name: SWEET-57CB51F8B Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{E74EE560-5424-42DB-8CAD-B54CACF6D473} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 2741 Source Name: Tcpip Time Written: 20100228231624.000000+060 Event Type: Informations User: Computer Name: SWEET-57CB51F8B Event Code: 1002 Message: Le bail de l'adresse IP 192.168.1.2 pour la carte réseau dont l'adresse réseau est 00166FC7FA4B a été refusé par le serveur DHCP 192.168.1.1 (celui-ci a envoyé un message DHCPNACK). Record Number: 2740 Source Name: Dhcp Time Written: 20100228231623.000000+060 Event Type: erreur User: Computer Name: SWEET-57CB51F8B Event Code: 1003 Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 00166FC7FA4B. Il s'est produit l'erreur suivante : L'opération a été annulée par l'utilisateur. . Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). Record Number: 2739 Source Name: Dhcp Time Written: 20100228231623.000000+060 Event Type: Avertissement User: =====Application event log===== Computer Name: SWEET-57CB51F8B Event Code: 1000 Message: Les compteurs de performances pour le service MSDTC (MSDTC) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 5 Source Name: LoadPerf Time Written: 20090824025414.000000+120 Event Type: Informations User: Computer Name: SWEET-57CB51F8B Event Code: 1000 Message: Les compteurs de performances pour le service TermService (Services Terminal Server) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 4 Source Name: LoadPerf Time Written: 20090824025410.000000+120 Event Type: Informations User: Computer Name: SWEET-57CB51F8B Event Code: 1000 Message: Les compteurs de performances pour le service RemoteAccess (Routage et accès distant) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 3 Source Name: LoadPerf Time Written: 20090824025227.000000+120 Event Type: Informations User: Computer Name: SWEET-57CB51F8B Event Code: 1000 Message: Les compteurs de performances pour le service PSched (PSched) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 2 Source Name: LoadPerf Time Written: 20090824025208.000000+120 Event Type: Informations User: Computer Name: SWEET-57CB51F8B Event Code: 1000 Message: Les compteurs de performances pour le service RSVP (QoS RSVP) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 1 Source Name: LoadPerf Time Written: 20090824025112.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\System32\GnuWin32;C:\Program Files\QT Lite\QTSystem\;C:\Program Files\CheckPoint\fde "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel "PROCESSOR_REVISION"=0d08 "NUMBER_OF_PROCESSORS"=1 "LANG"=EN "LANGUAGE"=EN "WGETRC"=C:\WINDOWS\system32\GnuWin32\etc\wgetrc "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip "tvdumpflags"=8 -----------------EOF-----------------

Bonjour, je voulais installer MSIMG.dll , mais dès que j'installe , une fentere me dit : DLLRegisterserver est intoruvable .... et de même pour la désinstallation des fichier .dll ! please help ! merci d'avance !

Bonsoir , j'ai un gros problème ! à chaque fois que je veux installer un fichier .reg , il y a le message : La modification du registre a été désactivé par votre administrateur , or je suis administrateur et j'ai jamais désactivé ceci ! et de même pour le gestionnaire des tâches ! s'il vous plait , aidez moi ! Merci d'avance !

voici mon rapport de HijackThis , pour la 1ere étape ! vous pouvez me dire si mon ordi est infecté ou pas ? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:21:23, on 27/03/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.20861) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\FFDS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\PixArt\PAC7302\Monitor.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\PixArt\PAC207\Monitor.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\CyberLink\YouCam\YouCamTray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\WinMover\WinMover.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Hama\Hama Digital Software Suite\Media Card Companion\MCC Monitor.exe C:\Program Files\LimeWire\LimeWire.exe C:\lotus\wordpro\ltsstart.exe C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe C:\Program Files\iPod\bin\iPodService.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winiunrms.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HijackThis\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2102473 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll R3 - URLSearchHook: Online Sharing Toolbar - {8567a644-e36c-470c-86cf-9c5b4f37db81} - C:\Program Files\Online_Sharing\tbOnli.dll R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Online Sharing Toolbar - {8567a644-e36c-470c-86cf-9c5b4f37db81} - C:\Program Files\Online_Sharing\tbOnli.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll O3 - Toolbar: Online Sharing Toolbar - {8567a644-e36c-470c-86cf-9c5b4f37db81} - C:\Program Files\Online_Sharing\tbOnli.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QT Lite\QTTask.exe" -atboottime O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [HKLM] C:\WINDOWS\FFDS\explorer.exe O4 - HKCU\..\Run: [WinMover] "C:\Program Files\WinMover\WinMover.exe" /q O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files\WebcamMax\WebcamMax.exe" -a O4 - HKCU\..\Run: [HKCU] C:\WINDOWS\FFDS\explorer.exe O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\FFDS\explorer.exe O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\FFDS\explorer.exe O4 - HKUS\S-1-5-20\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [sweetRegistry] rundll32 advpack.dll,LaunchINFSection SweetReg.inf,PerUserStub (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [JkDefrag] rundll32 advpack.dll,LaunchINFSection JKDEFRAG.INF,RunOnce,1,N (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Startup: Lotus QuickStart.lnk = C:\lotus\wordpro\ltsstart.exe O4 - Startup: Lotus SuiteStart 97.lnk = C:\lotus\smartctr\suitest.exe O4 - Global Startup: Monitor.lnk = C:\Program Files\Hama\Hama Digital Software Suite\Media Card Companion\MCC Monitor.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - Unknown owner - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (file missing) O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) -- End of file - 9301 bytes