PC / Internet trèèèèès lent !

[KS_Croc]

Bonjour,

depuis quelques temps, mon PC et Internet sont très lent...

J'ai effectué la pré-désinfection et voici mon rapport HijackThis:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:24:54, on 19/06/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18248)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\Program Files\D-Link\D-Link Wireless G DWA-510\AirGCFG.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\tools\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\tools\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Windows\system32\SearchFilterHost.exe

C:\HijackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\tools\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - (no file)

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\tools\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-510] C:\Program Files\D-Link\D-Link Wireless G DWA-510\AirGCFG.exe

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [HP Software Update] C:\tools\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\tools\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\tools\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [TrojanScanner] C:\tools\Trojan Remover\Trjscan.exe /boot

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [steam] "C:\games\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\tools\Alcohol 52\axcmd.exe" /automount

O4 - HKCU\..\Run: [GridinSoft Trojan Killer] "C:\tools\GridinSoft Trojan Killer\trojankiller.exe" 0

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\tools\Microsoft Office\OFFICE11\ONENOTEM.EXE

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: Append to existing PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\tools\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\tools\MICROS~1\OFFICE11\REFIEBAR.DLL

O13 - Gopher Prefix:

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: Service Google Update (gupdate1c9c2b31153e2b1) (gupdate1c9c2b31153e2b1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: NMSAccessU - Unknown owner - C:\tools\CDBurnerXP\NMSAccessU.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\tools\Alcohol 52\StarWind\StarWindServiceAE.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 9805 bytes

 

Pourriez-vous me donner un coup de main pour optimiser ma configuration afin de retrouver une vitesse correcte?

Merci d'avance!

[pear]

Bonsoir,

 

On ne voit pas d'infection dans ce rapport..

 

On va creuser un peu:

Téléchargez Random's system information tool (RSIT) par random/random et sauvegardez-le sur le Bureau.

 

Double-cliquez sur RSIT.exe afin de lancer RSIT.

* Cliquez Continue à l'écran Disclaimer.

* Si l'outil HIjackThis (version à jour) n'est pas présent ou détecté sur l'ordinateur, RSIT le télécharge et vous acceptez la licence.

* L'analyse terminée, deux fichiers texte s'ouvriront.:

Poster le contenu de log.txt (qui sera affiché)

ainsi que de info.txt (qui sera réduit dans la Barre des Tâches).

* Si ces deux rapports n'apparaissent pas, vous les trouverez dans le dossier C:\rsit

 

En attendant suivez ces pistes:

 

 

Vérifier les paramètres d'Internet ..

 

1) Dans Internet Explorer, clique sur Outils > Options Internet... puis, onglet "Sécurité".

2) Choisir la zone Internet puis, clique sur le bouton Niveau par défaut.

 

Si cela ne fonctionne pas, essayer ceci

 

1) Clic sur le bouton Personnaliser le niveau...

2) Cocher tous les boutons radio Activer ou Demander.

3) Valider puis, relancer Internet Explorer.

4) Accéder de nouveau à l'onglet "Sécurité".

5) Cocher le bouton radio Niveau par défaut...

6) Valider puis, relancer Internet Explorer.

 

Si IE est bloqué et que vous ayez Spybot:

 

Pour Windows XP il est possible de refaire un reset de Winsock

(dans le cas où un antivirus se charge dans les LSP il sera supprimé aussi),

cela se fait comme ceci :

Démarrer-Exécuter ->Cmd /k Netsh int ip reset resetlog.txt

Démarrer-Exécuter ->Cmd /k Netsh winsock reset catalog

 

Redémarrez l'ordinateur.

 

 

Eviter les lenteurs Internet.

Connexions Internet dificiles ou très lentes :

ipv6 et Firefox

Désactiver ipv6 et revenir à ipv4

http://www.commentcamarche.net/faq/sujet-7...exions-internet

 

Accélérer les accès réseaux :

Ceci empêche Windows de vérifier la présence de tâches planifiées et des imprimantes partagées avant toute connexion réseau.

Ouvrez : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\RemoteComputer\NameSpace.

Faites un clic bouton droit sur la sous-clé {D6277990-4C6A-11CF-8D87-00AA0060F5BF} puis choisissez "Supprimer".

Faites de même pour la sous-clé {2227A280-3AEA-1069-A2DE-08002B30309D}.

 

Vaccination Spybot

Si ,dans Spybot S&D vous avez vacciné, allez à l'onglet "vaccination"

cliquez sur "Vaccination" dans la colonne sur la gauche :

Cliquez sur annuler (la flèche bleue) pour annuler la vaccination.

 

Dns et Fichier Hosts

Si, comme souvent recommendé, vous avez optimisé votre fichier Hosts pour vous protéger de sites dangereux,

Il faut absolument désactiver le service Client DNS

Des sites peuvent être bloqués par unHosts modifié .

Pour savoir si le hosts est en cause:

 

. Installer un mini programme, HostsToggle: http://accs-net.com/hosts/HostsToggle/

Il permet d'activer ou de désactiver le hosts à volonté.

. Fermer les navigateurs.

. Utiliser HostsToggle pour désactiver le hosts ( un avertissement: "Hosts file disabled..." apparait).

. Relancer un navigateur et essayer d'accéder aux pages qui posent problèmes.

Si le fichier Hosts est bien en cause, supprimez le et installez en un autre.

 

 

Propriétés Tcp/Ip

Dans les propriétés de la "Connexion au réseau local",

dans les propriétés du protocole TCP/IP->Utiliser l'adresse de serveur DNS suivant

tapez les dns de votre FAI

Si vous ne les connaissez pas:

Démarrer->Exécuter->cmd /k ipconfig /all.

[KS_Croc]

Résultats Random's system information tool (RSIT):

 

LOG.TXT

Logfile of random's system information tool 1.06 (written by random/random)

Run by Nicolas at 2009-06-20 17:32:38

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1

System drive C: has 488 GB (68%) free of 715 GB

Total RAM: 3327 MB (63% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:32:50, on 20/06/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18248)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\Program Files\D-Link\D-Link Wireless G DWA-510\AirGCFG.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\tools\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\tools\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\tools\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\explorer.exe

C:\Users\Nicolas\Desktop\RSIT.exe

C:\HijackThis\Nicolas.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\tools\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - (no file)

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\tools\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-510] C:\Program Files\D-Link\D-Link Wireless G DWA-510\AirGCFG.exe

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [HP Software Update] C:\tools\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\tools\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\tools\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [TrojanScanner] C:\tools\Trojan Remover\Trjscan.exe /boot

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [steam] "C:\games\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\tools\Alcohol 52\axcmd.exe" /automount

O4 - HKCU\..\Run: [GridinSoft Trojan Killer] "C:\tools\GridinSoft Trojan Killer\trojankiller.exe" 0

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\tools\Microsoft Office\OFFICE11\ONENOTEM.EXE

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: Append to existing PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\tools\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\tools\MICROS~1\OFFICE11\REFIEBAR.DLL

O13 - Gopher Prefix:

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: Service Google Update (gupdate1c9c2b31153e2b1) (gupdate1c9c2b31153e2b1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: NMSAccessU - Unknown owner - C:\tools\CDBurnerXP\NMSAccessU.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\tools\Alcohol 52\StarWind\StarWindServiceAE.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 9900 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Google Software Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachine.job

C:\Windows\tasks\User_Feed_Synchronization-{3656D20E-68BD-42AC-AB4C-B7FA1BC63CB0}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]

ContributeBHO Class - C:\tools\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16 118784]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-04 320920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]

VMN Toolbar - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2007-09-24 1966080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

Adobe PDF Conversion Toolbar Helper - C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-04 34816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - []

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\tools\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16 118784]

{A057A204-BACC-4D26-8287-79A187E26987} - VMN Toolbar - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2007-09-24 1966080]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-07-03 6266880]

"ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2007-01-19 49152]

"D-Link D-Link Wireless G DWA-510"=C:\Program Files\D-Link\D-Link Wireless G DWA-510\AirGCFG.exe [2007-05-04 1662976]

"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008]

"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184]

"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-02-29 76304]

"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]

"HP Software Update"=C:\tools\HP\HP Software Update\HPWuSchd2.exe [2008-03-25 49152]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

"Adobe Reader Speed Launcher"=C:\tools\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

"Acrobat Assistant 8.0"=C:\tools\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2007-05-10 624248]

"TrojanScanner"=C:\tools\Trojan Remover\Trjscan.exe [2009-06-01 1059720]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

"Steam"=C:\games\Steam\Steam.exe [2009-06-10 1217784]

"AlcoholAutomount"=C:\tools\Alcohol 52\axcmd.exe [2009-04-02 203416]

"GridinSoft Trojan Killer"=C:\tools\GridinSoft Trojan Killer\trojankiller.exe 0 []

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\tools\Microsoft Office\OFFICE11\ONENOTEM.EXE

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======List of files/folders created in the last 1 months======

 

2009-06-20 17:32:38 ----D---- C:\rsit

2009-06-18 20:05:23 ----A---- C:\Windows\system32\ztvunrar36.dll

2009-06-18 20:05:23 ----A---- C:\Windows\system32\ztvunace26.dll

2009-06-18 20:05:23 ----A---- C:\Windows\system32\ztvcabinet.dll

2009-06-18 20:05:23 ----A---- C:\Windows\system32\unacev2.dll

2009-06-18 20:05:22 ----A---- C:\Windows\system32\UNRAR3.dll

2009-06-18 20:05:21 ----D---- C:\Users\Nicolas\AppData\Roaming\Simply Super Software

2009-06-18 20:05:21 ----D---- C:\ProgramData\Simply Super Software

2009-06-16 10:11:29 ----D---- C:\Users\Nicolas\AppData\Roaming\tor

2009-06-13 14:17:01 ----A---- C:\Windows\system32\EncDec.dll

2009-06-13 14:17:00 ----A---- C:\Windows\system32\psisdecd.dll

2009-06-10 08:01:40 ----A---- C:\Windows\system32\localspl.dll

2009-06-10 08:01:39 ----A---- C:\Windows\system32\rpcrt4.dll

2009-06-10 08:01:35 ----A---- C:\Windows\system32\mshtml.dll

2009-06-10 08:01:34 ----A---- C:\Windows\system32\wininet.dll

2009-06-10 08:01:34 ----A---- C:\Windows\system32\urlmon.dll

2009-06-10 08:01:34 ----A---- C:\Windows\system32\occache.dll

2009-06-10 08:01:34 ----A---- C:\Windows\system32\mstime.dll

2009-06-10 08:01:34 ----A---- C:\Windows\system32\msfeeds.dll

2009-06-10 08:01:34 ----A---- C:\Windows\system32\ieUnatt.exe

2009-06-10 08:01:34 ----A---- C:\Windows\system32\iertutil.dll

2009-06-10 08:01:34 ----A---- C:\Windows\system32\ieframe.dll

2009-06-10 08:01:34 ----A---- C:\Windows\system32\ieencode.dll

2009-06-10 08:01:34 ----A---- C:\Windows\system32\iedkcs32.dll

2009-06-10 08:01:34 ----A---- C:\Windows\system32\ieaksie.dll

2009-06-10 08:01:33 ----A---- C:\Windows\system32\jsproxy.dll

2009-06-09 10:48:55 ----D---- C:\Users\Nicolas\AppData\Roaming\Notepad++

2009-06-09 10:44:49 ----D---- C:\Program Files\CA VMN Anti-Spyware

2009-06-09 10:44:48 ----D---- C:\ProgramData\EmailNotifier

2009-06-09 10:44:48 ----D---- C:\Program Files\vmntoolbar

2009-06-09 10:38:54 ----D---- C:\Users\Nicolas\AppData\Roaming\FileZilla

2009-06-08 16:49:24 ----D---- C:\Users\Nicolas\AppData\Roaming\Canneverbe_Limited

2009-06-08 15:58:30 ----A---- C:\Windows\system32\devil.dll

2009-06-08 15:58:30 ----A---- C:\Windows\system32\avisynth.dll

2009-06-08 15:58:29 ----D---- C:\Program Files\AviSynth 2.5

2009-06-08 15:58:29 ----A---- C:\Windows\system32\i420vfw.dll

2009-06-08 15:58:29 ----A---- C:\Windows\system32\AVSredirect.dll

2009-06-08 15:58:21 ----RSH---- C:\Windows\system32\nbDX.dll

2009-06-08 15:58:21 ----RSH---- C:\Windows\system32\msfDX.dll

2009-06-08 15:58:21 ----RSH---- C:\Windows\system32\flvDX.dll

2009-05-30 16:16:06 ----D---- C:\Users\Nicolas\AppData\Roaming\Publish Providers

2009-05-30 16:16:06 ----D---- C:\Users\Nicolas\AppData\Roaming\NetMedia Providers

2009-05-30 16:06:17 ----D---- C:\Users\Nicolas\AppData\Roaming\Sony

 

======List of files/folders modified in the last 1 months======

 

2009-06-20 17:32:50 ----D---- C:\Windows\Prefetch

2009-06-20 17:32:50 ----D---- C:\HijackThis

2009-06-20 17:32:32 ----D---- C:\Windows\System32

2009-06-20 17:32:32 ----A---- C:\Windows\system32\PerfStringBackup.INI

2009-06-20 17:32:22 ----D---- C:\Windows\Temp

2009-06-20 17:29:34 ----D---- C:\Windows\Tasks

2009-06-20 17:29:32 ----D---- C:\ProgramData\Google Updater

2009-06-19 20:58:08 ----D---- C:\Users\Nicolas\AppData\Roaming\Winamp

2009-06-19 20:51:17 ----SHD---- C:\System Volume Information

2009-06-19 18:32:41 ----A---- C:\Windows\system32\PnkBstrB.exe

2009-06-19 18:09:11 ----D---- C:\Windows

2009-06-19 18:06:28 ----D---- C:\Users\Nicolas\AppData\Roaming\Macromedia

2009-06-19 18:06:21 ----D---- C:\Users\Nicolas\AppData\Roaming\WIPE

2009-06-18 20:16:01 ----AD---- C:\ProgramData\TEMP

2009-06-18 20:05:21 ----HD---- C:\ProgramData

2009-06-18 20:05:21 ----D---- C:\tools

2009-06-18 19:24:03 ----D---- C:\Windows\system32\drivers

2009-06-17 13:31:47 ----D---- C:\Program Files\Common Files\Steam

2009-06-15 19:27:47 ----RSD---- C:\Windows\Fonts

2009-06-15 14:27:27 ----SD---- C:\Users\Nicolas\AppData\Roaming\Microsoft

2009-06-13 21:23:30 ----D---- C:\Windows\winsxs

2009-06-13 21:23:30 ----D---- C:\Windows\ehome

2009-06-13 14:16:30 ----D---- C:\Windows\system32\catroot

2009-06-13 14:16:29 ----D---- C:\Windows\system32\catroot2

2009-06-12 10:06:09 ----A---- C:\Windows\system32\PnkBstrA.exe

2009-06-12 10:06:09 ----A---- C:\Windows\system32\pbsvc.exe

2009-06-10 20:01:29 ----D---- C:\Windows\Debug

2009-06-10 15:12:40 ----D---- C:\Program Files\Internet Explorer

2009-06-10 14:37:44 ----SHD---- C:\Windows\Installer

2009-06-10 14:37:44 ----HD---- C:\Config.Msi

2009-06-09 10:44:49 ----RD---- C:\Program Files

2009-06-08 18:00:45 ----D---- C:\ProgramData\Zoom Player

2009-06-01 18:51:12 ----A---- C:\Windows\system32\mrt.exe

2009-05-30 16:11:22 ----D---- C:\download

2009-05-29 16:34:25 ----D---- C:\Users\Nicolas\AppData\Roaming\Adobe

2009-05-25 20:45:31 ----D---- C:\Program Files\Wipe

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]

R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-03-04 279712]

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]

R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-03-04 25888]

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-01-14 4235776]

R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-07-03 2152088]

R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]

R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]

R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]

R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]

R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]

R3 LVUVC;Logitech QuickCam S5500(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2008-07-26 4658584]

R3 RT61;D-Link Wireless Driver; C:\Windows\system32\DRIVERS\RT61.sys [2006-12-12 286208]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-07 118784]

R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 73088]

S2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys []

S3 a9bj6oyn;a9bj6oyn; C:\Windows\system32\drivers\a9bj6oyn.sys []

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 e1express;Pilote de la connexion réseau Intel® PRO/1000 PCI Express; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]

S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys []

S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240]

S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\Windows\system32\DRIVERS\L8042mou.Sys [2008-02-29 63120]

S3 LMouKE;SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2008-02-29 79120]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys []

S3 StillCam;Pilote d'appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]

S3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys []

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-01-14 729088]

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]

R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]

R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]

R2 NMSAccessU;NMSAccessU; C:\tools\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-06-12 75064]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]

R2 StarWindServiceAE;StarWind AE Service; C:\tools\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]

R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-18 654848]

S2 gupdate1c9c2b31153e2b1;Service Google Update (gupdate1c9c2b31153e2b1); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-21 133104]

S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-21 183280]

S2 SQLWriter;Enregistreur VSS SQL Server; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]

S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]

S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]

S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe [2008-05-02 121360]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-06-17 316664]

 

-----------------EOF-----------------

 

INFO.TXT

info.txt logfile of random's system information tool 1.06 2009-06-20 17:32:51

 

======Uninstall list======

 

-->MsiExec /X{27DC856A-0916-4988-8198-8714DDD3183D}

32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}

3DVIA player 4.1-->MsiExec.exe /X{4E868D3D-6EEB-4273-926C-2287236B5B79}

AceHTML 6 Pro-->"C:\tools\AceHTML 6 Pro\uninst-ace.exe"

ACID Xpress 7.0-->MsiExec.exe /X{1C4C5C53-D960-4E1C-96A6-F6B52EA43A45}

Add or Remove Adobe Creative Suite 3 Master Collection-->C:\Program Files\Common Files\Adobe\Installers\4dcfd9b7e901b57f81f667144603236\Setup.exe

Adobe After Effects CS3 Presets-->MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}

Adobe After Effects CS3 Third Party Content-->C:\Program Files\Common Files\Adobe\Installers\3675c95c239b992d5d0ee8fce969b9e\Setup.exe

Adobe After Effects CS3 Third Party Content-->MsiExec.exe /I{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}

Adobe After Effects CS3-->MsiExec.exe /I{EB0202F7-016A-410C-ADE4-40F848CCC661}

Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}

Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}

Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}

Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}

Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}

Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}

Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}

Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}

Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}

Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}

Adobe Contribute CS3-->MsiExec.exe /I{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}

Adobe Creative Suite 3 Master Collection-->MsiExec.exe /I{8718DC03-D066-4957-94E5-50C3C5042E8E}

Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}

Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

Adobe Dreamweaver CS3-->MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}

Adobe Encore CS3 Codecs-->MsiExec.exe /I{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}

Adobe Encore CS3-->MsiExec.exe /I{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}

Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}

Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}

Adobe Fireworks CS3-->MsiExec.exe /I{7DFC1012-D346-46CE-B03E-FF79125AE029}

Adobe Flash CS3-->MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}

Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{786547F9-59BB-4FA3-B2D8-327FF1F14870}

Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}

Adobe Flash Video Encoder-->MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}

Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}

Adobe Help Viewer CS3-->MsiExec.exe /I{7ACFB90E-8FD0-4397-AD3A-5195412623A3}

Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}

Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}

Adobe InDesign CS3-->MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}

Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}

Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}

Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}

Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}

Adobe Premiere Pro CS3 Functional Content-->MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}

Adobe Premiere Pro CS3 Third Party Content-->MsiExec.exe /I{485ACF57-F364-440A-8496-E1E81C8FA1AA}

Adobe Premiere Pro CS3-->MsiExec.exe /I{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}

Adobe Reader 9.1.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}

Adobe Setup-->MsiExec.exe /I{004685F7-9FB6-4789-812F-59ABB34A55AF}

Adobe Setup-->MsiExec.exe /I{4458C442-7376-4CF9-AF58-E8CEA6722363}

Adobe Shockwave Player 11.5-->C:\Windows\system32\Adobe\uninstaller.exe

Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}

Adobe Soundbooth CS3 Codecs-->MsiExec.exe /I{0327FA9D-975C-448C-A086-577D57BB25B8}

Adobe Soundbooth CS3-->MsiExec.exe /I{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}

Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}

Adobe SVG Viewer-->C:\Windows\IsUn040c.exe -f"C:\Windows\System32\Adobe\SVG Viewer\Uninst.isu"

Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}

Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}

Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}

Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}

Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}

Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}

Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}

Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}

AGEIA PhysX v7.05.17-->MsiExec.exe /X{27DC856A-0916-4988-8198-8714DDD3183D}

AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}

ANIWZCS2 Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C590030-7469-453E-8589-D15DA9D03F52}\Setup.exe"

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

Archiveur WinRAR-->C:\tools\WinRAR\uninstall.exe

Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE

Battlefield Heroes-->"C:\games\Battlefield Heroes\uninstaller.exe" "C:\games\Battlefield Heroes\Uninstall.xml"

BurnAware Free 2.3.5-->"C:\tools\BurnAware Free\unins000.exe"

CA VMN Anti-Spyware (remove only)-->"C:\Program Files\CA VMN Anti-Spyware\uninstall.exe"

Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}

CCleaner (remove only)-->"C:\tools\CCleaner\uninst.exe"

CD Audio Reader Filter (remove only)-->"C:\Program Files\CD Audio Reader Filter\uninstall.exe"

CDBurnerXP-->"C:\tools\CDBurnerXP\unins000.exe"

CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}

Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}

Code de la Route-->MsiExec.exe /X{9BB9F8F2-3073-4F47-8207-0E7191C67DE9}

Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.80.1048\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.80" /clone_wait /hide_progress

Counter-Strike: Source-->"C:\games\Steam\steam.exe" steam://uninstall/240

Crayon Physics Deluxe - release 53-->"C:\games\Crayon Physics Deluxe\unins000.exe"

DC-Bass Source 1.1.1-->"C:\Program Files\DSP-worx\DC-Bass Source\Uninstall.exe"

D-Link Wireless G DWA-510-->C:\Program Files\InstallShield Installation Information\{BADEDF59-389D-49CA-AD06-7EF12C5C13CD}\setup.exe -runfromtemp -l0x040c -removeonly

DScaler 5 Mpeg Decoders-->"C:\Program Files\DScaler5\unins000.exe"

eMule-->"C:\tools\eMule\Uninstall.exe"

EuroThink Adresses-->"C:\tools\Adresses\unins000.exe"

EVE-ONLINE (remove only)-->C:\games\EVE\Uninstall.exe

Evil Player v1.28-->C:\tools\Evil Player\Uninstall.exe

F.E.A.R. 2: Project Origin Single-player Demo-->"C:\games\Steam\steam.exe" steam://uninstall/16470

ffdshow [rev 2527] [2008-12-19]-->"C:\tools\K-Lite Codec Pack\ffdshow\unins000.exe"

Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)-->MsiExec.exe /X{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}

FileZilla Client 3.2.4.1-->C:\tools\FileZilla FTP Client\uninstall.exe

Free Window Registry Repair-->C:\tools\FREEWI~1\UNWISE.EXE C:\tools\FREEWI~1\INSTALL.LOG

Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}

GIMP 2.6.5-->"C:\tools\GIMP-2.0\setup\unins000.exe"

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466}

HijackThis 2.0.2-->"C:\HijackThis\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

HP Photosmart C6300 All-In-One Driver Software 11.0 Rel .4-->C:\tools\HP\Digital Imaging\{C8732DC3-1736-44b2-B741-2D636DE58605}\setup\hpzscr01.exe -datfile hposcr31.dat -onestop

HP Solution Center 11.0-->C:\tools\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat

HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}

Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe

Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}

Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}

KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}

K-Lite Codec Pack 4.7.0 (Full)-->"C:\tools\K-Lite Codec Pack\unins000.exe"

Logitech QuickCam-->MsiExec.exe /X{3AF8FCCD-F51A-4014-9002-F195E1CBC876}

Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x040c -removeonly

Logitech Updater-->MsiExec.exe /I{53735ECE-E461-4FD0-B742-23A352436D3A}

Malwarebytes' Anti-Malware-->"C:\Tools\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}

Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Office FrontPage 2003-->MsiExec.exe /I{9017040C-6000-11D3-8CFE-0150048383C9}

Microsoft Office OneNote 2003-->MsiExec.exe /I{90A1040C-6000-11D3-8CFE-0150048383C9}

Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}

Microsoft Office Project Professional 2003-->MsiExec.exe /I{903B040C-6000-11D3-8CFE-0150048383C9}

Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}

Microsoft Office Visio Professional 2003-->MsiExec.exe /I{9051040C-6000-11D3-8CFE-0150048383C9}

Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}

Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft SQL Server Native Client-->MsiExec.exe /I{1F24E48F-7692-4E89-8784-68DD4D2712A0}

Microsoft SQL Server VSS Writer-->MsiExec.exe /I{A30179B7-997A-4D47-AA43-57AE59A9C78B}

Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}

Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe

Mozilla Firefox (3.0.-->C:\tools\Mozilla Firefox\uninstall\helper.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

Notepad++-->C:\tools\Notepad++\uninstall.exe

OCR Software by I.R.I.S. 11.0-->C:\tools\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat

OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}

Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall

Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}

PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u

QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}

RealMedia (remove only)-->"C:\Program Files\RealMedia\uninstall.exe"

Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x040c -removeonly

Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709

Recuva (remove only)-->"C:\tools\Recuva\uninst.exe"

Registry Mechanic 8.0-->"C:\tools\Registry Mechanic\unins000.exe" /Log

Second Sight-->"C:\games\Steam\steam.exe" steam://uninstall/11550

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

SHOUTcast Source (remove only)-->"C:\Program Files\SHOUTcast Source\uninstall.exe"

Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}

Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}

STALKER: Shadow of Chernobyl-->"C:\games\Steam\steam.exe" steam://uninstall/4500

Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}

SUPER © Version 2009.bld.35 (Jan 5, 2009)-->C:\tools\SUPER\Setup.exe /remove /q0

Team Fortress 2-->"C:\games\Steam\steam.exe" steam://uninstall/440

The Path-->"C:\games\Steam\steam.exe" steam://uninstall/27000

The Witcher Enhanced Edition-->"C:\Program Files\InstallShield Installation Information\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}\setup.exe" -runfromtemp -l0x040c -removeonly

Tom Clancy's Ghost Recon Advanced Warfighter® 2-->"C:\Program Files\InstallShield Installation Information\{F78AC3C0-578C-49AB-BD4E-3107A6036A13}\Setup.exe" -runfromtemp -l0x040c -removeonly

Trojan Remover 6.7.9-->"C:\tools\Trojan Remover\unins000.exe"

VMN Toolbar-->C:\Program Files\vmntoolbar\uninstall.exe

Winamp-->"C:\tools\Winamp\UninstWA.exe"

Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}

Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}

Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}

Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}

Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}

Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

Wipe-->C:\PROGRA~1\Wipe\wipe.exe uninstall

Zoom Player (remove only)-->"C:\tools\Zoom Player\uninstall.exe"

 

=====HijackThis Backups=====

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" [2009-04-18]

O4 - HKLM\..\Run: [QuickTime Task] "C:\tools\QuickTime\QTTask.exe" -atboottime [2009-04-18]

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\tools\Reader 9.0\Reader\Reader_sl.exe" [2009-04-18]

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-04-18]

 

======Security center information======

 

AV: BitDefender Antivirus (disabled) (outdated)

FW: BitDefender Firewall (disabled)

AS: BitDefender Antispyware (disabled) (outdated)

AS: Windows Defender

 

======System event log======

 

Computer Name: Hermes

Event Code: 4001

Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

 

Record Number: 63858

Source Name: Microsoft-Windows-WLAN-AutoConfig

Time Written: 20090619185816.962625-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

 

Computer Name: Hermes

Event Code: 15016

Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.

Record Number: 63869

Source Name: Microsoft-Windows-HttpEvent

Time Written: 20090620152706.350560-000

Event Type: Erreur

User:

 

Computer Name: Hermes

Event Code: 7000

Message: Le service BDVEDISK n'a pas pu démarrer en raison de l'erreur :

Le fichier spécifié est introuvable.

Record Number: 63914

Source Name: Service Control Manager

Time Written: 20090620152830.000000-000

Event Type: Erreur

User:

 

Computer Name: Hermes

Event Code: 7034

Message: Le service Enregistreur VSS SQL Server s'est terminé de façon inattendue pour la 1ème fois.

Record Number: 63951

Source Name: Service Control Manager

Time Written: 20090620152830.000000-000

Event Type: Erreur

User:

 

Computer Name: Hermes

Event Code: 7026

Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :

i8042prt

Record Number: 63954

Source Name: Service Control Manager

Time Written: 20090620152830.000000-000

Event Type: Erreur

User:

 

=====Application event log=====

 

Computer Name: Hermes

Event Code: 3011

Message: Le déchargement des chaînes de compteurs de performances pour le service WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code d'erreur.

Record Number: 14348

Source Name: Microsoft-Windows-LoadPerf

Time Written: 20090619161455.000000-000

Event Type: Erreur

User:

 

Computer Name: Hermes

Event Code: 10

Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.

Record Number: 14378

Source Name: Microsoft-Windows-WMI

Time Written: 20090620152830.000000-000

Event Type: Erreur

User:

 

Computer Name: Hermes

Event Code: 3012

Message: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d'extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

Record Number: 14383

Source Name: Microsoft-Windows-LoadPerf

Time Written: 20090620153229.000000-000

Event Type: Erreur

User:

 

Computer Name: Hermes

Event Code: 3012

Message: Les chaînes de performance dans la valeur de Registre Performance sont endommagées lors du traitement du fournisseur de compteurs d'extension Performance. La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans la section Données, la valeur LastCounter est le deuxième DWORD dans la section Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

Record Number: 14384

Source Name: Microsoft-Windows-LoadPerf

Time Written: 20090620153229.000000-000

Event Type: Erreur

User:

 

Computer Name: Hermes

Event Code: 3011

Message: Le déchargement des chaînes de compteurs de performances pour le service WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code d'erreur.

Record Number: 14385

Source Name: Microsoft-Windows-LoadPerf

Time Written: 20090620153229.000000-000

Event Type: Erreur

User:

 

=====Security event log=====

 

Computer Name: Hermes

Event Code: 5038

Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys

Record Number: 17926

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090620153250.817617-000

Event Type: Échec de l'audit

User:

 

Computer Name: Hermes

Event Code: 5038

Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys

Record Number: 17927

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090620153250.834217-000

Event Type: Échec de l'audit

User:

 

Computer Name: Hermes

Event Code: 5038

Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys

Record Number: 17928

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090620153250.850818-000

Event Type: Échec de l'audit

User:

 

Computer Name: Hermes

Event Code: 5038

Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys

Record Number: 17929

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090620153250.867418-000

Event Type: Échec de l'audit

User:

 

Computer Name: Hermes

Event Code: 5038

Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

 

Nom du fichier : \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys

Record Number: 17930

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090620153250.884019-000

Event Type: Échec de l'audit

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\tools\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel

"PROCESSOR_REVISION"=170a

"NUMBER_OF_PROCESSORS"=2

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat

"DFSTRACINGON"=FALSE

"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

 

-----------------EOF-----------------

 

 

En attendant, j'effectue les autres opérations...

Merci!

[pear]

Bonsoir,

 

Télécharger sur le bureauOTM by OldTimer .

Double-clic sur OTM.exe pour le lancer.

Sous Vista,Clic droit sur le fichier ->Choisir Exécuter en tant qu' Administrateur

Vérifier que Unregister Dll's and Ocx's soit coché.

* Copiez /Collez les lignes ci dessous):

 

:Processes

explorer.exe

 

:Files

C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Bonjour

:Services

Bonjour Service

:Reg

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}]

 

 

:Commands

[purity]

[emptytemp]

[start explorer]

[Reboot]

 

Revenez dans OTM,

Clic droit sur la fenêtre "Paste Instructions for Items to be Moved" sous la barre jaune et choisir Coller(Paste).

* Click le bouton rouge Moveit!

* Fermez OTM

Votre Pc va redémarrer.

Rendez vous dans le dossier C:\_OTM\MovedFiles ,

ouvrez le dernier fichier .log

Copiez/collez en le contenu dans votre prochaine réponse

 

Dans hijackthis, cochez ces lignes puis clic sur Fix checked

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-04-18]

O4 - HKLM\..\Run: [QuickTime Task] "C:\tools\QuickTime\QTTask.exe" -atboottime [2009-04-18]

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\tools\Reader 9.0\Reader\Reader_sl.exe" [2009-04-18]

O4 - HKLM\..\Run: [HP Software Update] C:\tools\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\tools\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service)

[KS_Croc]

Bonsoir, voici le .log OTM:

 

========== PROCESSES ==========

Process explorer.exe killed successfully.

========== FILES ==========

C:\PROGRA~1\VMNTOO~1\vmntoolbar.dll unregistered successfully.

C:\PROGRA~1\VMNTOO~1\vmntoolbar.dll moved successfully.

C:\Program Files\Bonjour\mDNSResponder.exe moved successfully.

C:\Program Files\Bonjour moved successfully.

========== SERVICES/DRIVERS ==========

Service\Driver Bonjour Service stopped successfully.

Service\Driver Bonjour Service deleted successfully.

========== REGISTRY ==========

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-8287-79A187E26987}\\ not found.

========== COMMANDS ==========

File delete failed. C:\Users\Nicolas\AppData\Local\Temp\etilqs_13SorsdeCnnre0XDmpkV scheduled to be deleted on reboot.

File delete failed. C:\Users\Nicolas\AppData\Local\Temp\~DFD2E5.tmp scheduled to be deleted on reboot.

User's Temp folder emptied.

User's Internet Explorer cache folder emptied.

File delete failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be deleted on reboot.

Windows Temp folder emptied.

FireFox cache emptied.

Temp folders emptied.

Explorer started successfully

 

OTM by OldTimer - Version 2.1.0.1 log created on 06202009_180854

 

Files moved on Reboot...

File C:\Users\Nicolas\AppData\Local\Temp\etilqs_13SorsdeCnnre0XDmpkV not found!

File C:\Users\Nicolas\AppData\Local\Temp\~DFD2E5.tmp not found!

DllUnregisterServer procedure not found in C:\Windows\temp\logishrd\LVPrcInj01.dll

C:\Windows\temp\logishrd\LVPrcInj01.dll NOT unregistered.

File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.

 

Registry entries deleted on Reboot...

[KS_Croc]

Voici également un nouveau rapport HijckThis:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:25:59, on 20/06/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18248)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\Program Files\D-Link\D-Link Wireless G DWA-510\AirGCFG.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\tools\Mozilla Firefox\firefox.exe

C:\HijackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\tools\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - (no file)

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\tools\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-510] C:\Program Files\D-Link\D-Link Wireless G DWA-510\AirGCFG.exe

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\tools\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\tools\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [TrojanScanner] C:\tools\Trojan Remover\Trjscan.exe /boot

O4 - HKCU\..\Run: [steam] "C:\games\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\tools\Alcohol 52\axcmd.exe" /automount

O4 - HKCU\..\Run: [GridinSoft Trojan Killer] "C:\tools\GridinSoft Trojan Killer\trojankiller.exe" 0

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\tools\Microsoft Office\OFFICE11\ONENOTEM.EXE

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: Append to existing PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\tools\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\tools\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\tools\MICROS~1\OFFICE11\REFIEBAR.DLL

O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing

O13 - Gopher Prefix:

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: Service Google Update (gupdate1c9c2b31153e2b1) (gupdate1c9c2b31153e2b1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: NMSAccessU - Unknown owner - C:\tools\CDBurnerXP\NMSAccessU.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\tools\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\tools\Alcohol 52\StarWind\StarWindServiceAE.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 9287 bytes

[skydawn]

Oh man, c'est trop long

[KS_Croc]

Oh man, c'est trop long

 

Désolé... Comment faire pour que ce soit moins long??? :-/