|
|
Auteur
|
Message
|
1
|
|
|
|
voici depuis 2 jours ceux qu'avast detecte, supprime mais revient...
donc jai dai un scan ac hijackthis et voici la rapport:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:30, on 2008-05-25
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
EDITION MODERATEUR : Règle du forum à respecter :
Pas de rapport avant qu'il n'en soit demandé un ! 
Veuillez lire l'article suivant :
http://forum.telecharger.01net.com/telecharger/securite_virus_et_assimiles/a_(...)
Merci d'en prendre connaissance.
Donc ke doi je faire maintenant ???
merci d'avance
-->Message édité par micky44 le 28/05/2008 15:11:37<--
|
|
|
|
|
# Télécharge Deckard System Scanner
# >>> Lien et Tuto ici <<<
# Suis les indications et poste le rapport obtenu dans ton prochain message.
|
|
|
|
|
ok !
voici le rapport
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Édition familiale (build 2600) SP 3.0
Architecture: X86; Language: French
CPU 0: AMD Athlon(tm) 64 X2 Dual Core Processor 6400+
Percentage of Memory in Use: 18%
Physical Memory (total/avail): 3070.42 MiB / 2515.45 MiB
Pagefile Memory (total/avail): 4956.05 MiB / 4409.54 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1896.74 MiB
A: is Removable (Unformatted)
C: is Fixed (NTFS) - 143.04 GiB total, 106.46 GiB free.
D: is Fixed (NTFS) - 6 GiB total, 5.92 GiB free.
E: is Removable (No Media)
F: is Removable (No Media)
G: is CDROM (No Media)
H: is Fixed (NTFS) - 232.88 GiB total, 162.61 GiB free.
I: is Removable (No Media)
J: is Removable (No Media)
L: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - MAXTOR STM3250310AS - 232.88 GiB - 1 partition
\PARTITION0 (bootable) - Système de fichiers installable - 232.88 GiB - H:
\\.\PHYSICALDRIVE1 - - 149.05 GiB - 2 partitions
\PARTITION0 - Système de fichiers installable - 6 GiB - D:
\PARTITION1 (bootable) - Système de fichiers installable - 143.04 GiB - C:
\\.\PHYSICALDRIVE3 - Generic USB CF Reader USB Device
\\.\PHYSICALDRIVE5 - Generic USB MS Reader USB Device
\\.\PHYSICALDRIVE2 - Generic USB SD Reader USB Device
\\.\PHYSICALDRIVE4 - Generic USB SM Reader USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=H:\Documents and Settings\All Users
APPDATA=H:\Documents and Settings\Propri‚taire\Application Data
CLIENTNAME=Console
CommonProgramFiles=H:\Program Files\Fichiers communs
COMPUTERNAME=MICKAEL
ComSpec=H:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=H:
HOMEPATH=\Documents and Settings\Propri‚taire
LOGONSERVER=\\MICKAEL
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=H:\WINDOWS\system32;H:\WINDOWS;H:\WINDOWS\system32\wbem;H:\Program Files\Samsung\Samsung PC Studio 3
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 67 Stepping 3, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4303
ProgramFiles=H:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=H:
SystemRoot=H:\WINDOWS
TEMP=H:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
TMP=H:\DOCUME~1\PROPRI~1\LOCALS~1\Temp
USERDOMAIN=MICKAEL
USERNAME=Propri‚taire
USERPROFILE=H:\Documents and Settings\Propri‚taire
windir=H:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Propriétaire [I](admin)[/I]
-- Add/Remove Programs ---------------------------------------------------------
--> Dummy
--> RunDll32 H:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x40c UNINSTALL
--> RunDll32 H:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 H:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player ActiveX --> H:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
AMD Power Monitor --> MsiExec.exe /X{A791DE99-AAAF-485E-866E-94B23B3A9763}
AMD Processor Driver --> H:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x040c -removeonly
Archiveur WinRAR --> H:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
avast! Antivirus --> H:\Program Files\Alwil Software\Avast4\aswRunDll.exe "H:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Barre d'outils Outlook de Windows Live (Windows Live Toolbar) --> MsiExec.exe /X{4002F73D-EBB3-4EA1-A2FF-DBCB4529759E}
Barre de confiance CM-CIC --> "H:\Program Files\BarreConfCMCIC\Setup.exe" -u
Battlefield 2(TM) --> RunDll32 H:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x40c -removeonly
Bloqueur de fenêtres pop-up (Windows Live Toolbar) --> MsiExec.exe /X{51F366F4-C2E4-429A-866A-59C885ED42FD}
Call of Duty - United Offensive --> H:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A662E280-64A8-4CF5-8407-13D0808602B3}
CCleaner (remove only) --> "H:\Program Files\CCleaner\uninst.exe"
Coffret de pilotes Logitech Legacy USB Camera --> "H:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\legacyqcam\10.00.1438\LgDrvInst.exe" -remove -instdir"H:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\legacyqcam\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"legacyqcam_10.00" /clone_wait /hide_progress
Coffret de pilotes Logitech QuickCam --> "H:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\11.50.1145\LgDrvInst.exe" -remove -instdir"H:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.50" /clone_wait /hide_progress
Command & Conquer 3 --> MsiExec.exe /I{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{14574B7F-75D1-4718-B7F2-EBF6E2862A35}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{199E6632-EB28-4F73-AECB-3E192EB92D18}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{25724802-CC14-4B90-9F3B-3D6955EE27B1}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{50193078-F553-4EBA-AA77-64C9FAA12F98}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{51D718D1-DA81-4FAD-919F-5C1CE3C33379}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{66F78C51-D108-4F0C-A93C-1CBE74CE338F}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{80D03817-7943-4839-8E96-B9F924C5E67D}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{97E5205F-EA4F-438F-B211-F1846419F1C1}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{99A7722D-9ACB-43F3-A222-ABC7133F159E}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{BA801B94-C28D-46EE-B806-E1E021A3D519}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{D4D244D1-05E0-4D24-86A2-B2433C435671}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{EAF636A9-F664-4703-A659-85A894DA264F}
Conflict Vietnam --> RunDll32 H:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{7DDAA520-414B-4671-BE8A-12428ACF76A3}\setup.exe" -l0x40c
Counter-Strike: Source --> "H:\Program Files\Steam\steam.exe" steam://uninstall/240
Crysis(R) --> MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
Day of Defeat: Source --> "H:\Program Files\Steam\steam.exe" steam://uninstall/300
Day of Defeat: Source Beta --> "H:\Program Files\Steam\steam.exe" steam://uninstall/302
Dual-Core Optimizer --> MsiExec.exe /X{BCA02FAD-2C86-4C8C-A815-51C09F4E51FF}
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{175B7C4A-CAF8-437A-B597-73E0D2D970FE}
eMule --> "H:\Program Files\eMule\Uninstall.exe"
EVEREST Ultimate Edition v4.50 --> "H:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Extension de Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{D518AD32-C710-4616-BA0D-D4B1FA5F82E8}
Gestionnaire Internet --> H:\PROGRA~1\Wanadoo\uninstall.exe
Google Earth --> MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "h:\program files\google\googletoolbar2.dll"
Half-Life 2 --> "H:\Program Files\Steam\steam.exe" steam://uninstall/220
Half-Life 2: Deathmatch --> "H:\Program Files\Steam\steam.exe" steam://uninstall/320
Half-Life 2: Episode One --> "H:\Program Files\Steam\steam.exe" steam://uninstall/380
Half-Life 2: Episode Two --> "H:\Program Files\Steam\steam.exe" steam://uninstall/420
Half-Life 2: Lost Coast --> "H:\Program Files\Steam\steam.exe" steam://uninstall/340
Half-Life Deathmatch: Source --> "H:\Program Files\Steam\steam.exe" steam://uninstall/360
Half-Life(R) 2 --> MsiExec.exe /I{D45EC259-4A19-4656-B588-C2C360DD18EA}
Half-Life: Source --> "H:\Program Files\Steam\steam.exe" steam://uninstall/280
High Definition Audio Driver Package - KB888111 --> "H:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "H:\Documents and Settings\Propriétaire\Bureau\mickael\HijackThis.exe" /uninstall
Java(TM) 6 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
K-Lite Codec Pack 3.2.5 Full --> "H:\Program Files\K-Lite Codec Pack\unins000.exe"
KhalInstallWrapper --> MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
livebox --> RunDll32 H:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe" -l0x40c
LogicFunctions --> "H:\Program Files\LogicFunctions\Uninstall.exe"
Logitech Audio Echo Cancellation Component --> MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech Communications Manager --> MsiExec.exe /I{BD202930-5F70-4B35-B875-1E28604F328D}
Logitech Desktop Messenger --> RunDll32 H:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech QuickCam --> MsiExec.exe /X{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}
Logitech SetPoint --> H:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x040c -removeonly
Logitech Video Enumerator --> MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Ma-Config.com --> MsiExec.exe /X{05B3F57E-036B-4999-BAE4-E60E82F75442}
Menus intelligents (Windows Live Toolbar) --> MsiExec.exe /X{3585ED1C-74C5-43B0-A232-831B96A12A2B}
Microsoft Compression Client Pack 1.0 for Windows XP --> "H:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "H:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Windows XP (KB941569) --> "H:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Navigateur Orange --> H:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl
Navigation par onglets (Windows Live Toolbar) --> MsiExec.exe /X{E74559C2-BB47-45AD-83DD-0D66B67E7811}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers --> H:\WINDOWS\system32\nvuninst.exe UninstallGUI
OneCare Advisor (Windows Live Toolbar) --> MsiExec.exe /X{F242B06B-517F-4D62-B654-16B11564A912}
OpenMG Limited Patch 4.4-06-13-19-01 --> H:\Program Files\Fichiers communs\Sony Shared\OpenMG\HotFixes\HotFix4.4-06-13-19-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.4.00 --> H:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{CFB17307-B244-4EAD-AE8E-CDAF440477C2} UNINSTALL
OpenOffice.org 2.4 --> MsiExec.exe /I{1E0FF527-971B-4BBF-83D1-987E8DEE437D}
Peggle Extreme --> "H:\Program Files\Steam\steam.exe" steam://uninstall/3483
Portal --> "H:\Program Files\Steam\steam.exe" steam://uninstall/400
PunkBuster Services --> H:\WINDOWS\system32\pbsvc.exe -u
REALTEK GbE & FE Ethernet PCI NIC Driver --> H:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver --> RunDll32 H:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
SAMSUNG CDMA Modem Driver Set --> H:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software --> H:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software --> H:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio --> RunDll32 H:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly
Samsung PC Studio 3 USB Driver Installer --> RunDll32 H:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SonicStage 3.4 --> RunDll32 H:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "H:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x40c UNINSTALL -removeonly
Source Dedicated Server --> "H:\Program Files\Steam\steam.exe" steam://uninstall/205
Source SDK --> "H:\Program Files\Steam\steam.exe" steam://uninstall/211
Source SDK Base --> "H:\Program Files\Steam\steam.exe" steam://uninstall/215
Spybot - Search & Destroy --> "H:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Team Fortress 2 --> "H:\Program Files\Steam\steam.exe" steam://uninstall/440
Team Fortress 2 Dedicated Server --> "H:\Program Files\Steam\steam.exe" steam://uninstall/310
TrackMania Nations Forever --> "H:\Program Files\Steam\steam.exe" steam://uninstall/11020
TuneUp Utilities 2008 --> MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
UMVPLStandalone --> MsiExec.exe /X{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Live Favorites pour Windows Live Toolbar --> MsiExec.exe /X{DCE65B11-710D-4C54-9DE5-1A6A0BD2186B}
Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live Toolbar --> "H:\Program Files\Windows Live Toolbar\UnInstall.exe" {05AE605F-3146-46ED-BC52-0A14EBF57962}
Windows Live Toolbar --> MsiExec.exe /X{05AE605F-3146-46ED-BC52-0A14EBF57962}
Windows Media Format 11 runtime --> "H:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Service Pack 3 --> "H:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Anti-Spy --> H:\PROGRA~1\Yahoo!\Common\unypsr.exe
Yahoo! Toolbar --> H:\PROGRA~1\Yahoo!\Common\unyt.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type938 / Success
Event Submitted/Written: 05/25/2008 05:45:32 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type932 / Warning
Event Submitted/Written: 05/25/2008 05:31:30 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows ne peut pas décharger vos classes fichier de Registre - il est en cours d'utilisation par d'autres applications ou services. Le fichier sera déchargé quand il ne sera plus utilisé.
Event Record #/Type931 / Error
Event Submitted/Written: 05/25/2008 05:29:56 PM
Event ID/Source: 1000 / Application Error
Event Description:
Application défaillante , version 0.0.0.0, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00000000.
Traitement de l'événement propre au support pour [!ws!]
Event Record #/Type926 / Success
Event Submitted/Written: 05/25/2008 04:06:11 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type917 / Success
Event Submitted/Written: 05/25/2008 02:35:50 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type5234 / Error
Event Submitted/Written: 05/25/2008 05:42:56 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM a reçu l'erreur "%%1084" lors de la mise en route du service EventSystem avec les arguments ""
pour démarrer le serveur :
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event Record #/Type5225 / Error
Event Submitted/Written: 05/25/2008 05:35:01 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM a reçu l'erreur "%%1084" lors de la mise en route du service netman avec les arguments ""
pour démarrer le serveur :
{BA126AE5-2166-11D1-B1D0-00805FC1270E}
Event Record #/Type5224 / Error
Event Submitted/Written: 05/25/2008 05:34:47 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
Aavmker4
AFD
AmdK8
aswSP
aswTdi
Fips
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip
Event Record #/Type5223 / Error
Event Submitted/Written: 05/25/2008 05:34:47 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
Le service Services IPSEC dépend du service Pilote IPSEC qui n'a pas pu démarrer en raison de l'erreur :
%%31
Event Record #/Type5222 / Error
Event Submitted/Written: 05/25/2008 05:34:47 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
Le service Assistance TCP/IP NetBIOS dépend du service AFD qui n'a pas pu démarrer en raison de l'erreur :
%%31
-- End of Deckard's System Scanner: finished at 2008-05-25 17:57:45 ------------
|
|
|
|
|
|
qu'es ce ke je doi faire maintenant ???
|
|
|
|
|
Mauvais rapport !!
celui que je veux est ici >>> C:\Deckard\System Scanner\main.txt
|
|
|
|
|
le voila dsl du retard
Deckard's System Scanner v20071014.68
Run by Propriétaire on 2008-05-25 17:55:01
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
100: 2008-05-25 15:55:07 UTC - RP100 - Deckard's System Scanner Restore Point
99: 2008-05-25 12:06:32 UTC - RP99 - ComboFix created restore point
98: 2008-05-24 12:55:18 UTC - RP98 - Ma-Config.com installé
97: 2008-05-24 12:55:08 UTC - RP97 - Ma-Config.com supprimé
96: 2008-05-24 10:40:19 UTC - RP96 - Point de vérification système
-- First Restore Point --
1: 2008-05-07 12:24:49 UTC - RP1 - Point de vérification système
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Propriétaire.exe) ----------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:55:37, on 25/05/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
H:\WINDOWS\System32\FTRTSVC.exe
H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
H:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
H:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
H:\PROGRA~1\Wanadoo\TaskBarIcon.exe
H:\WINDOWS\RTHDCPL.EXE
H:\WINDOWS\system32\RUNDLL32.EXE
H:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
H:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
H:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
H:\WINDOWS\system32\ctfmon.exe
H:\WINDOWS\system32\rundll32.exe
H:\Program Files\Steam\Steam.exe
H:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe
H:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\Program Files\AMD\AMD Power Monitor\AMD_PwrMon.exe
H:\WINDOWS\system32\PnkBstrA.exe
H:\WINDOWS\system32\svchost.exe
H:\PROGRA~1\Wanadoo\ComComp.exe
H:\PROGRA~1\Wanadoo\Toaster.exe
H:\PROGRA~1\Wanadoo\Inactivity.exe
H:\PROGRA~1\Wanadoo\PollingModule.exe
H:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
H:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
H:\PROGRA~1\Wanadoo\Watch.exe
H:\Program Files\Windows Live\Messenger\msnmsgr.exe
H:\Program Files\Windows Live\Messenger\usnsvc.exe
H:\WINDOWS\explorer.exe
H:\Program Files\Internet Explorer\IEXPLORE.EXE
H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Documents and Settings\Propriétaire\Bureau\mickael\dss.exe
H:\DOCUME~1\PROPRI~1\Bureau\mickael\Propriétaire.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - H:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: LogicFunctions module - {18CB1A7B-94CD-4582-8022-ADA16851E44B} - H:\Program Files\LogicFunctions\LogicFunctions.dll
O2 - BHO: (no name) - {613E416F-BCB6-43AD-B0FC-DF7B0D5A70BF} - H:\WINDOWS\system32\ddcCTmlM.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - H:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - H:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WOOWATCH] H:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] H:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "H:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "H:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [SsAAD.exe] H:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [WOOKIT] H:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [swg] H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "H:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [WinSpywareProtect (ver. 5.1)] "H:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AMD Power Monitor.lnk = H:\Program Files\AMD\AMD Power Monitor\AMD_PwrMon.exe
O4 - Global Startup: EVEREST Ultimate Edition.lnk = H:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe
O8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://H:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?068cc415a2024a309088b274c0950a14
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://H:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?068cc415a2024a309088b274c0950a14
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - H:\Documents and Settings\Propriétaire\Mes documents\mickael.quintin\petit logiciel\StopPub.exe
O9 - Extra 'Tools' menuitem: Stop Pub - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - H:\Documents and Settings\Propriétaire\Mes documents\mickael.quintin\petit logiciel\StopPub.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://simcity.ea.com/update/EARTPX.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/m(...)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://ma-config.com/activex/hardwaredetection_3_0_0_31.cab
O16 - DPF: {C36661D7-3590-45B1-80B5-520839E94DAD} (MaxisSimCity4PatcherX Control) - http://simcity.ea.com/update/MaxisSimCity4PatcherX.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O18 - Protocol: bw+0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {003FCABC-96AF-40AB-BD01-91322046F273} - H:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: ddcCTmlM - H:\WINDOWS\SYSTEM32\ddcCTmlM.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - H:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - H:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LVCOMSer - Logitech Inc. - H:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - H:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - H:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - H:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - H:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - H:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - H:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - H:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - H:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - H:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 24192 bytes
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R3 PCANDIS5 (PCANDIS5 NDIS Protocol Driver) - h:\windows\system32\pcandis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
S3 AmdTools (AMD Special Tools Driver) - h:\windows\system32\drivers\amdtools.sys (file missing)
S3 PCAMPR5 (PCAMPR5 NDIS Protocol Driver) - h:\windows\system32\pcampr5.sys (file missing)
S3 TVICHW32 - h:\windows\system32\drivers\tvichw32.sys <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 FTRTSVC (France Telecom Routing Table Service) - h:\windows\system32\ftrtsvc.exe <Not Verified; France Telecom; FTRTSVC NT Service>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-05-25 17:51:01 268 --a------ H:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
-- Files created between 2008-04-25 and 2008-05-25 -----------------------------
2008-05-25 14:05:33 68096 --a------ H:\WINDOWS\zip.exe
2008-05-25 14:05:33 49152 --a------ H:\WINDOWS\VFind.exe
2008-05-25 14:05:33 212480 --a------ H:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-05-25 14:05:33 136704 --a------ H:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-05-25 14:05:33 161792 --a------ H:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-05-25 14:05:33 98816 --a------ H:\WINDOWS\sed.exe
2008-05-25 14:05:33 80412 --a------ H:\WINDOWS\grep.exe
2008-05-25 14:05:33 89504 --a------ H:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-05-24 17:30:18 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\Media Player Classic
2008-05-24 11:06:15 0 dr-h----- H:\Documents and Settings\Propriétaire\Recent
2008-05-24 10:51:09 0 d-------- H:\Program Files\LogicFunctions
2008-05-23 23:31:06 29312 --a------ H:\WINDOWS\system32\ddcCTmlM.dll
2008-05-23 23:30:56 81920 --a------ H:\WINDOWS\mdtgkswr.exe
2008-05-18 12:34:39 0 d-------- H:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-05-17 17:02:42 0 d-------- H:\WINDOWS\system32\Samsung_USB_Drivers
2008-05-17 17:02:35 0 d-------- H:\WINDOWS\system32\Samsung PC Studio Codecs
2008-05-17 17:02:21 0 d-------- H:\Program Files\Samsung
2008-05-17 16:42:41 0 d-------- H:\Documents and Settings\All Users\SonicStage
2008-05-17 16:33:14 0 d-------- H:\Program Files\Sony Corporation
2008-05-17 16:32:41 770048 --a------ H:\WINDOWS\system32\CDDBUISony.dll <Not Verified; Gracenote; CDDBUIControl Module>
2008-05-17 16:32:41 585728 --a------ H:\WINDOWS\system32\CddbMusicIDSony.dll <Not Verified; Gracenote; CddbMusicID Module>
2008-05-17 16:32:41 73728 --a------ H:\WINDOWS\system32\CddbLinkSony.dll <Not Verified; Gracenote; CddbLink Module>
2008-05-17 16:32:41 98304 --a------ H:\WINDOWS\system32\CddbLangFRSony.dll <Not Verified; Gracenote; Gracenote CddbLangFR>
2008-05-17 16:32:41 643072 --a------ H:\WINDOWS\system32\CDDBControlSony.dll <Not Verified; Gracenote, Inc.; CDDBControl Core Module>
2008-05-17 16:32:16 0 d-------- H:\Documents and Settings\All Users\Application Data\Sony Corporation
2008-05-17 16:31:48 0 d-------- H:\Program Files\Sony
2008-05-17 16:31:23 0 d-------- H:\Program Files\Fichiers communs\Sony Shared
2008-05-17 16:31:23 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\Sony Corporation
2008-05-15 21:45:17 0 d-------- H:\WINDOWS\nvidia icons
2008-05-15 21:45:03 0 d-------- H:\WINDOWS\NV3760132.TMP
2008-05-15 21:27:09 0 d-------- H:\Program Files\ma-config.com
2008-05-15 21:27:09 0 d-------- H:\Documents and Settings\All Users\Application Data\ma-config.com
2008-05-14 23:43:25 23 --a------ H:\WINDOWS\popcinfot.dat
2008-05-13 14:40:14 8 --a------ H:\WINDOWS\system32\nvModes.dat
2008-05-13 14:38:59 0 d-------- H:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-05-13 13:53:02 0 d-------- H:\Documents and Settings\All Users\Application Data\NVIDIA
2008-05-11 18:06:30 0 d-------- H:\Documents and Settings\All Users\Application Data\Adobe
2008-05-11 18:06:23 0 d-------- H:\Program Files\Fichiers communs\Adobe
2008-05-11 17:58:24 0 d-------- H:\Program Files\SpeedFan
2008-05-11 17:29:38 0 d-------- H:\WINDOWS\Downloaded Installations
2008-05-11 17:24:59 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\Nero
2008-05-11 17:24:03 0 d-------- H:\Documents and Settings\All Users\Application Data\Nero
2008-05-11 12:34:19 0 d--h----- H:\WINDOWS\PIF
2008-05-09 17:37:50 669184 --a------ H:\WINDOWS\system32\pbsvc.exe
2008-05-09 17:18:47 0 d-------- H:\Program Files\DAEMON Tools Lite
2008-05-09 17:16:43 717296 --a------ H:\WINDOWS\system32\drivers\sptd.sys
2008-05-09 17:16:38 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\DAEMON Tools
2008-05-09 00:20:03 0 d-------- H:\Documents and Settings\Propriétaire\.AMD Power Monitor Settings
2008-05-09 00:08:14 0 d-------- H:\Program Files\BarreConfCMCIC
2008-05-08 23:40:40 23600 --a------ H:\WINDOWS\system32\drivers\TVICHW32.SYS <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>
2008-05-08 23:11:28 0 d-------- H:\Program Files\AMD
2008-05-08 17:28:24 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\Mozilla
2008-05-08 17:27:09 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\OpenOffice.org2
2008-05-08 16:18:38 188416 --a------ H:\WINDOWS\system32\eax.dll <Not Verified; Creative Technology Ltd; EAX Unified>
2008-05-08 16:13:52 0 d-------- H:\WINDOWS\RegisteredPackages
2008-05-08 15:29:17 0 d-------- H:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-05-08 15:17:20 671 --a------ H:\WINDOWS\eReg.dat
2008-05-08 14:50:36 0 d--hs---- H:\WINDOWS\ftpcache
2008-05-08 13:50:19 0 d-------- H:\WINDOWS\NV34683504.TMP
2008-05-08 12:36:04 0 d-------- H:\Program Files\CyberMUT
2008-05-08 11:42:23 0 d-------- H:\WINDOWS\pss
2008-05-08 05:34:03 0 d--hs--c- H:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-05-08 05:34:00 0 d-------- H:\Program Files\Windows Live
2008-05-08 05:33:34 0 d-------- H:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-07 20:26:29 552 --a------ H:\WINDOWS\system32\d3d8caps.dat
2008-05-07 20:22:35 0 d-------- H:\Program Files\Windows Media Connect 2
2008-05-07 20:21:50 0 d-------- H:\WINDOWS\system32\LogFiles
2008-05-07 20:21:50 0 d-------- H:\WINDOWS\system32\drivers\UMDF
2008-05-07 20:21:24 0 d-------- H:\Program Files\Microsoft Silverlight
2008-05-07 20:20:42 0 d-------- H:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-05-07 20:18:04 0 d-------- H:\WINDOWS\system32\URTTemp
2008-05-07 20:07:23 0 d-------- H:\Program Files\Fichiers communs\Logitech
2008-05-07 19:51:46 0 d-------- H:\Program Files\eMule
2008-05-07 19:48:41 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\Google
2008-05-07 19:47:42 0 d-------- H:\Program Files\Google
2008-05-07 19:47:42 0 d-------- H:\Documents and Settings\All Users\Application Data\Google
2008-05-07 19:38:06 0 d-------- H:\Program Files\OpenOffice.org 2.4
2008-05-07 19:37:44 0 d-------- H:\Program Files\Java
2008-05-07 19:37:44 0 d-------- H:\Program Files\Fichiers communs\Java
2008-05-07 19:37:37 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\Sun
2008-05-07 19:35:12 0 d-------- H:\Program Files\CCleaner
2008-05-07 19:33:05 0 d-------- H:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-07 19:28:46 0 d-------- H:\WINDOWS\Cache
2008-05-07 19:17:58 0 d-------- H:\WINDOWS\Prefetch
2008-05-07 19:14:36 0 d-------- H:\WINDOWS\system32\fr
2008-05-07 19:14:36 0 d-------- H:\WINDOWS\system32\bits
2008-05-07 19:14:36 0 d-------- H:\WINDOWS\l2schemas
2008-05-07 19:13:42 0 d-------- H:\WINDOWS\ServicePackFiles
2008-05-07 19:09:19 0 d-------- H:\WINDOWS\EHome
2008-05-07 18:35:28 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\Adobe
2008-05-07 17:58:05 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\Yahoo!
2008-05-07 17:31:29 0 d-------- H:\Documents and Settings\All Users\Application Data\LogiShrd
2008-05-07 17:31:24 217088 --a------ H:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-05-07 17:31:24 180224 --a------ H:\WINDOWS\system32\xvidvfw.dll
2008-05-07 17:31:24 593920 --a------ H:\WINDOWS\system32\xvidcore.dll
2008-05-07 17:31:23 3596288 --a------ H:\WINDOWS\system32\qt-dx331.dll
2008-05-07 17:31:23 10752 --a------ H:\WINDOWS\system32\ff_vfw.dll
2008-05-07 17:31:23 73728 --a------ H:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-07 17:31:23 740442 --a------ H:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-07 17:31:22 0 d-------- H:\Program Files\K-Lite Codec Pack
2008-05-07 17:31:08 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\Logitech
2008-05-07 17:30:54 0 d-------- H:\Program Files\Common Files
2008-05-07 17:30:48 0 d-------- H:\Program Files\Yahoo!
2008-05-07 17:30:25 0 d-------- H:\Documents and Settings\All Users\Application Data\Logitech
2008-05-07 17:30:22 0 d-------- H:\Program Files\Fichiers communs\Logishrd
2008-05-07 17:30:20 0 d-------- H:\Program Files\Logitech
2008-05-07 17:29:56 0 d-------- H:\Program Files\Lavalys
2008-05-07 17:25:04 0 d-------- H:\WINDOWS\system32\fr-fr
2008-05-07 17:22:42 0 d-------- H:\WINDOWS\network diagnostic
2008-05-07 17:21:18 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\TuneUp Software
2008-05-07 17:20:46 0 d-------- H:\Program Files\Fichiers communs\Wise Installation Wizard
2008-05-07 17:13:40 0 d--hs---- H:\WINDOWS\Installer
2008-05-07 17:13:39 0 d-------- H:\Program Files\Fichiers communs\ODBC
2008-05-07 17:13:36 0 dr------- H:\Program Files
2008-05-07 17:13:36 0 d-------- H:\Program Files\Fichiers communs
2008-05-07 17:13:36 0 d-------- H:\Program Files\Fichiers communs\SpeechEngines
2008-05-07 17:13:14 0 d--h----- H:\Documents and Settings\Default User\Voisinage réseau
2008-05-07 17:13:14 0 d--h----- H:\Documents and Settings\Default User\Voisinage d'impression
2008-05-07 17:13:14 0 dr-h----- H:\Documents and Settings\Default User\SendTo
2008-05-07 17:13:14 0 d--h----- H:\Documents and Settings\Default User\Recent
2008-05-07 17:13:14 0 d--h----- H:\Documents and Settings\Default User\Modèles
2008-05-07 17:13:14 0 d-------- H:\Documents and Settings\Default User\Mes documents
2008-05-07 17:13:14 0 dr------- H:\Documents and Settings\Default User\Menu Démarrer
2008-05-07 17:13:14 0 dr-h----- H:\Documents and Settings\Default User\Local Settings
2008-05-07 17:13:14 0 d-------- H:\Documents and Settings\Default User\Favoris
2008-05-07 17:13:14 0 d---s---- H:\Documents and Settings\Default User\Cookies
2008-05-07 17:13:14 0 d-------- H:\Documents and Settings\Default User\Bureau
2008-05-07 17:13:14 0 d--h----- H:\Documents and Settings\All Users\Modèles
2008-05-07 17:13:14 0 dr------- H:\Documents and Settings\All Users\Menu Démarrer
2008-05-07 17:13:14 0 d-------- H:\Documents and Settings\All Users\Favoris
2008-05-07 17:13:14 0 dr------- H:\Documents and Settings\All Users\Documents
2008-05-07 17:13:14 0 d-------- H:\Documents and Settings\All Users\Bureau
2008-05-07 17:11:26 0 d-------- H:\WINDOWS\system32\CatRoot2
2008-05-07 17:11:26 0 d-------- H:\WINDOWS\system32\CatRoot
2008-05-07 17:11:21 0 dr-h----- H:\Documents and Settings\Default User\Application Data
2008-05-07 17:11:21 0 d---s---- H:\Documents and Settings\Default User\Application Data\Microsoft
2008-05-07 17:11:20 0 dr-h----- H:\Documents and Settings\All Users\Application Data
2008-05-07 17:11:20 0 d---s---- H:\Documents and Settings\All Users\Application Data\Microsoft
2008-05-07 17:10:58 0 d--hs---- H:\System Volume Information
2008-05-07 17:10:58 0 d-------- H:\Documents and Settings
2008-05-07 17:09:53 0 d-------- H:\Documents and Settings\Propriétaire\Contacts
2008-05-07 17:09:36 0 d-------- H:\Program Files\Windows Live Favorites
2008-05-07 17:09:18 0 d-------- H:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-05-07 17:09:12 0 d-------- H:\Program Files\Windows Live Toolbar
2008-05-07 17:08:57 0 d------c- H:\WINDOWS\system32\DRVSTORE
2008-05-07 17:04:39 0 d-------- H:\WINDOWS
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\WinSxS
2008-05-07 17:04:39 0 dr------- H:\WINDOWS\Web
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\twain_32
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\wins
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\wbem
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\usmt
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\spool
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\ShellExt
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\Setup
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\ras
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\oobe
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\npp
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\mui
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\inetsrv
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\IME
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\icsxml
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\ias
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\export
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\drivers
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\drivers\etc
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\drivers\disdn
2008-05-07 17:04:39 0 dr-hs--c- H:\WINDOWS\system32\dllcache
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\dhcp
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\config
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\3com_dmi
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\3076
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\2052
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\1054
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\1042
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\1041
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\1037
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\1036
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\1033
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\1031
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\1028
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system32\1025
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\system
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\security
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\Resources
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\repair
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\Provisioning
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\PeerNet
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\pchealth
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\mui
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\msapps
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\msagent
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\Media
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\java
2008-05-07 17:04:39 0 d--h----- H:\WINDOWS\inf
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\ime
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\Help
2008-05-07 17:04:39 0 dr--s---- H:\WINDOWS\Fonts
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\Driver Cache
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\Debug
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\Cursors
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\Connection Wizard
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\Config
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\AppPatch
2008-05-07 17:04:39 0 d-------- H:\WINDOWS\addins
2008-05-07 17:00:15 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\WinRAR
2008-05-07 16:53:56 0 d-------- H:\Program Files\Steam
2008-05-07 16:44:01 0 d-------- H:\Program Files\Alwil Software
2008-05-07 16:43:26 0 d-------- H:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-05-07 16:39:41 0 d--hs---- H:\Documents and Settings\Propriétaire\UserData
2008-05-07 16:38:48 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\Macromedia
2008-05-07 16:38:34 0 d-------- H:\WINDOWS\system32\PreInstall
2008-05-07 16:34:20 32768 --a------ H:\WINDOWS\system32\WooDial2000.dll <Not Verified; France Télécom R&D; Kit de Connexion et de Services>
2008-05-07 16:34:17 0 d-------- H:\WINDOWS\system32\AlertModule
2008-05-07 16:34:14 94208 --a------ H:\WINDOWS\system32\W32n50.dll <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2008-05-07 16:34:14 16128 -----n--- H:\WINDOWS\system32\PCANDIS5.SYS <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2008-05-07 16:34:10 36864 --a------ H:\WINDOWS\system32\IfHelper.dll <Not Verified; France Télécom R&D; IfHelper>
2008-05-07 16:34:10 40960 --a------ H:\WINDOWS\system32\FTRTSVC.exe <Not Verified; France Telecom; FTRTSVC NT Service>
2008-05-07 16:33:43 0 d-------- H:\Program Files\SAGEM
2008-05-07 16:33:38 0 d-------- H:\Program Files\Wanadoo
2008-05-07 16:33:13 0 d-------- H:\WINDOWS\system32\SoftwareDistribution
2008-05-07 15:18:56 327168 --a------ H:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-05-07 14:57:37 0 d-------- H:\Program Files\Kaspersky Lab
2008-05-07 14:56:27 0 d-------- H:\WINDOWS\OPTIONS
2008-05-07 14:56:22 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\InstallShield
2008-05-07 14:47:01 0 d-------- H:\WINDOWS\system32\ReinstallBackups
2008-05-07 14:43:16 0 d-------- H:\Program Files\Securitoo
2008-05-07 14:38:19 0 d-------- H:\WINDOWS\system32\Lang
2008-05-07 14:37:08 49152 -r------- H:\WINDOWS\system32\ChCfg.exe
2008-05-07 14:37:05 0 d-------- H:\WINDOWS\system32\RTCOM
2008-05-07 14:36:19 0 d-------- H:\Program Files\Realtek
2008-05-07 14:36:18 0 d--h----- H:\Program Files\InstallShield Installation Information
2008-05-07 14:36:15 520192 -r------- H:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2008-05-07 14:36:15 315392 --a------ H:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-05-07 14:29:38 0 d-------- H:\WINDOWS\nview
2008-05-07 14:28:45 0 d-------- H:\Program Files\Fichiers communs\InstallShield
2008-05-07 14:24:39 0 d-------- H:\Documents and Settings\Propriétaire\Application Data\Identities
2008-05-07 14:24:27 0 d--h----- H:\Documents and Settings\Propriétaire\Voisinage réseau
2008-05-07 14:24:27 0 d--h----- H:\Documents and Settings\Propriétaire\Voisinage d'impression
2008-05-07 14:24:27 0 dr-h----- H:\Documents and Settings\Propriétaire\SendTo
2008-05-07 14:24:27 6815744 --ah----- H:\Documents and Settings\Propriétaire\NTUSER.DAT
2008-05-07 14:24:27 0 d--h----- H:\Documents and Settings\Propriétaire\Modèles
2008-05-07 14:24:27 0 dr------- H:\Documents and Settings\Propriétaire\Mes documents
2008-05-07 14:24:27 0 dr------- H:\Documents and Settings\Propriétaire\Menu Démarrer
2008-05-07 14:24:27 0 d--h----- H:\Documents and Settings\Propriétaire\Local Settings
2008-05-07 14:24:27 0 d-------- H:\Documents and Settings\Propriétaire\Favoris
2008-05-07 14:24:27 0 d--hs---- H:\Documents and Settings\Propriétaire\Cookies
2008-05-07 14:24:27 0 d-------- H:\Documents and Settings\Propriétaire\Bureau
2008-05-07 14:24:27 0 dr-h----- H:\Documents and Settings\Propriétaire\Application Data
2008-05-07 14:24:24 0 d-------- H:\WINDOWS\SoftwareDistribution
2008-05-07 14:24:22 0 d---s---- H:\WINDOWS\system32\Microsoft
2008-05-07 14:24:21 229376 --ah----- H:\Documents and Settings\LocalService\NTUSER.DAT
2008-05-07 14:24:21 0 d--h----- H:\Documents and Settings\LocalService\Local Settings
2008-05-07 14:24:21 0 d--hs---- H:\Documents and Settings\LocalService\Cookies
2008-05-07 14:24:21 0 d-------- H:\Documents and Settings\LocalService\Application Data
2008-05-07 14:24:21 0 d---s---- H:\Documents and Settings\LocalService\Application Data\Microsoft
2008-05-07 14:23:59 229376 --ah----- H:\Documents and Settings\NetworkService\NTUSER.DAT
2008-05-07 14:23:59 0 d--h----- H:\Documents and Settings\NetworkService\Local Settings
2008-05-07 14:23:59 0 d---s---- H:\Documents and Settings\NetworkService\Cookies
2008-05-07 14:23:59 0 d-------- H:\Documents and Settings\NetworkService\Application Data
2008-05-07 14:23:59 0 d---s---- H:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-05-07 14:21:53 0 d-------- H:\WINDOWS\system32\xircom
2008-05-07 14:21:53 0 d-------- H:\Program Files\microsoft frontpage
2008-05-07 14:21:51 262144 --ah----- H:\Documents and Settings\Default User\NTUSER.DAT
2008-05-07 14:21:43 0 d--h----- H:\WINDOWS\$hf_mig$
2008-05-07 14:20:54 0 d--hs---- H:\Documents and Settings\All Users\DRM
2008-05-07 14:20:48 0 dr------- H:\WINDOWS\Offline Web Pages
2008-05-07 14:20:48 0 d---s---- H:\WINDOWS\Downloaded Program Files
2008-05-07 14:20:41 0 d--h----- H:\Program Files\WindowsUpdate
2008-05-07 14:20:38 0 d-------- H:\Program Files\Services en ligne
2008-05-07 14:20:27 0 d-------- H:\WINDOWS\system32\DirectX
2008-05-07 14:20:01 0 d---s---- H:\WINDOWS\Tasks
2008-05-07 14:20:00 0 d-------- H:\Program Files\Fichiers communs\MSSoap
2008-05-07 14:19:56 0 d-------- H:\WINDOWS\system32\Macromed
2008-05-07 14:19:56 0 d-------- H:\WINDOWS\srchasst
2008-05-07 14:19:48 0 d-------- H:\Program Files\Movie Maker
2008-05-07 14:19:42 0 d-------- H:\WINDOWS\system32\Restore
2008-05-07 14:19:28 21892 --a------ H:\WINDOWS\system32\emptyregdb.dat
2008-05-07 14:19:15 0 d-------- H:\WINDOWS\Registration
2008-05-07 14:18:56 0 d-------- H:\Program Files\Online Services
2008-05-07 14:18:52 0 d-------- H:\Program Files\Messenger
2008-05-07 14:18:49 0 d-------- H:\Program Files\MSN Gaming Zone
2008-05-07 14:18:18 0 d-------- H:\Program Files\Windows NT
2008-05-07 14:18:15 0 d-------- H:\WINDOWS\system32\MsDtc
2008-05-07 14:18:14 0 d-------- H:\WINDOWS\system32\Com
-- Find3M Report ---------------------------------------------------------------
2008-05-18 17:15:59 468490 --a------ H:\WINDOWS\system32\perfh00C.dat
2008-05-18 17:15:59 75506 --a------ H:\WINDOWS\system32\perfc00C.dat
2008-05-07 17:13:14 62 --ahs---- H:\Documents and Settings\Propriétaire\Application Data\desktop.ini
2008-05-02 22:46:00 1630208 --a------ H:\WINDOWS\system32\nwiz.exe
2008-05-02 22:46:00 1019904 --a------ H:\WINDOWS\system32\nvwimg.dll
2008-05-02 22:46:00 1703936 --a------ H:\WINDOWS\system32\nvwdmcpl.dll
2008-05-02 22:46:00 466944 --a------ H:\WINDOWS\system32\nvshell.dll
2008-05-02 22:46:00 1486848 --a------ H:\WINDOWS\system32\nview.dll
2008-05-02 22:46:00 1339392 --a------ H:\WINDOWS\system32\nvdspsch.exe
2008-05-02 22:46:00 442368 --a------ H:\WINDOWS\system32\nvappbar.exe
2008-05-02 22:46:00 425984 --a------ H:\WINDOWS\system32\keystone.exe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18CB1A7B-94CD-4582-8022-ADA16851E44B}]
27/03/2008 15:02 247296 --a------ H:\Program Files\LogicFunctions\LogicFunctions.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{613E416F-BCB6-43AD-B0FC-DF7B0D5A70BF}]
23/05/2008 23:31 29312 --a------ H:\WINDOWS\system32\ddcCTmlM.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [16/05/2008 01:19]
"WOOWATCH"="H:\PROGRA~1\Wanadoo\Watch.exe" [23/08/2004 14:49]
"WOOTASKBARICON"="H:\PROGRA~1\Wanadoo\GestMaj.exe" [14/10/2004 16:55]
"SunJavaUpdateSched"="H:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 04:25]
"RTHDCPL"="RTHDCPL.EXE" [10/05/2007 11:08 H:\WINDOWS\RTHDCPL.exe]
"nwiz"="nwiz.exe" [02/05/2008 22:46 H:\WINDOWS\system32\nwiz.exe]
"NvCplDaemon"="H:\WINDOWS\system32\NvCpl.dll" [02/05/2008 22:46]
"Adobe Reader Speed Launcher"="H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 22:16]
"NvMediaCenter"="H:\WINDOWS\system32\NvMcTray.dll" [02/05/2008 22:46]
"LogitechCommunicationsManager"="H:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [25/10/2007 16:33]
"LVCOMSX"="H:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe" [09/03/2007 13:59]
"SsAAD.exe"="H:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [07/01/2006 02:36]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WOOKIT"="H:\PROGRA~1\Wanadoo\Shell.exe" [23/08/2004 14:50]
"swg"="H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [07/05/2008 20:12]
"CTFMON.EXE"="H:\WINDOWS\system32\ctfmon.exe" [14/04/2008 04:33]
"Steam"="H:\Program Files\Steam\Steam.exe" [07/05/2008 16:54]
"WinSpywareProtect (ver. 5.1)"="H:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe" []
H:\Documents and Settings\Propri‚taire\Menu D‚marrer\Programmes\D‚marrage\
AMD Power Monitor.lnk - H:\Program Files\AMD\AMD Power Monitor\AMD_PwrMon.exe [02/04/2008 15:08:58]
H:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
EVEREST Ultimate Edition.lnk - H:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe [11/05/2008 17:41:22]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{613E416F-BCB6-43AD-B0FC-DF7B0D5A70BF}"= H:\WINDOWS\system32\ddcCTmlM.dll [23/05/2008 23:31 29312]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddcCTmlM]
ddcCTmlM.dll 23/05/2008 23:31 29312 H:\WINDOWS\system32\ddcCTmlM.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
H:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
h:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll 09/01/2008 12:30 72208 h:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="H:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
"LDM"=H:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LogitechQuickCamRibbon"="H:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
"SsAAD.exe"=H:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
napagent
hkmsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cfba0480-1c32-11dd-9c25-de45132fdce9}]
AutoRun\command- K:\EmDesk.exe
EmDesk\command- K:\EmDesk.exe
*Newly Created Service* - EVERESTDRIVER
-- Hosts -----------------------------------------------------------------------
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
8520 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-05-25 17:57:45 ------------
|
|
|
|
|
Télécharge le programme R-Hosts de S!RI. Il va remettre ton fichier Hosts par défaut.
>>> http://siri.urz.free.fr/Softs/RHosts.exe
Double clique sur le programme pour le lancer puis clique sur Restaurer.
Valide la modification en appuyant sur OK.
Affiche les Fichiers cachés de XP >>> Pour afficher les fichiers cachés de XP
Télécharge ComboFix de sUBs sur ton Bureau et pas ailleurs
# Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.
# Double clique sur Combofix.exe et suis les instructions.
/!\ Laisse le travailler et ne l'interromps surtout pas /!\
Quand il aura fini, il va généré un log. Poste le rapport dans ta prochaine réponse avec un nouveau log Hijackthis.
Note :
# Ne pas cliquer dans la fenêtre de combofix durant le passage de l'outils.
# Le rapport se trouve également ici : C:\Combofix.txt
# N'oublie pas de réactiver tes protections !!!
|
|
|
|
|
Tout d'abord merci pour l'aide.
alors en 1ier ca sera le rapport de combofix et apres de Hijackthis
ComboFix 08-05-25.5 - Propriétaire 2008-05-26 21:18:55.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.2565 [GMT 2:00]
Endroit: H:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-26 to 2008-05-26 ))))))))))))))))))))))))))))))))))))
.
2008-05-25 17:54 . 2008-05-25 17:54 <REP> d-------- H:\Deckard
2008-05-24 17:30 . 2008-05-24 17:30 <REP> d-------- H:\Documents and Settings\Propriétaire\Application Data\Media Player Classic
2008-05-24 10:51 . 2008-05-24 10:51 <REP> d-------- H:\Program Files\LogicFunctions
2008-05-23 23:31 . 2008-05-23 23:31 29,312 --a------ H:\WINDOWS\system32\ddcCTmlM.dll
2008-05-23 23:30 . 2008-05-23 20:51 81,920 --a------ H:\WINDOWS\mdtgkswr.exe
2008-05-18 12:34 . 2008-05-18 12:34 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-05-18 00:07 . 2006-06-23 00:29 720,176 -ra------ H:\WINDOWS\system32\drivers\LV302AV.SYS
2008-05-18 00:07 . 2007-10-12 04:00 490,008 --a------ H:\WINDOWS\system32\LVUI2.dll
2008-05-18 00:07 . 2007-10-12 04:00 465,432 --a------ H:\WINDOWS\system32\LVUI2RC.dll
2008-05-18 00:07 . 2007-10-12 03:57 416,280 --a------ H:\WINDOWS\system32\lvcodec2.dll
2008-05-18 00:07 . 2006-06-23 00:29 116,272 -ra------ H:\WINDOWS\system32\lvcoinst.dll
2008-05-18 00:07 . 2007-10-12 03:11 59,500 --a------ H:\WINDOWS\system32\lvcoinst.ini
2008-05-18 00:07 . 2007-10-12 04:00 41,752 --a------ H:\WINDOWS\system32\drivers\LVUSBSta.sys
2008-05-18 00:07 . 2007-10-12 03:18 21,138 --a------ H:\WINDOWS\system32\Repository.reg
2008-05-18 00:07 . 2007-10-12 03:55 13,848 --a------ H:\WINDOWS\system32\drivers\lv302af.sys
2008-05-18 00:04 . 2008-05-18 00:04 118,784 -r------- H:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
2008-05-17 17:02 . 2008-05-17 17:02 <REP> d-------- H:\WINDOWS\system32\Samsung_USB_Drivers
2008-05-17 17:02 . 2008-05-17 17:02 <REP> d-------- H:\WINDOWS\system32\Samsung PC Studio Codecs
2008-05-17 17:02 . 2008-05-17 17:02 <REP> d-------- H:\Program Files\Samsung
2008-05-17 17:02 . 2005-12-22 12:24 137,884 --a------ H:\WINDOWS\system32\drivers\sscdmdm.sys
2008-05-17 17:02 . 2005-12-22 12:24 80,272 --a------ H:\WINDOWS\system32\drivers\sscdbus.sys
2008-05-17 17:02 . 2005-12-22 12:24 11,877 --a------ H:\WINDOWS\system32\drivers\sscdcmnt.sys
2008-05-17 17:02 . 2005-12-22 12:24 11,877 --a------ H:\WINDOWS\system32\drivers\sscdcm.sys
2008-05-17 17:02 . 2005-12-22 12:24 11,188 --a------ H:\WINDOWS\system32\drivers\sscdwhnt.sys
2008-05-17 17:02 . 2005-12-22 12:24 11,188 --a------ H:\WINDOWS\system32\drivers\sscdwh.sys
2008-05-17 17:02 . 2005-12-22 12:24 10,864 --a------ H:\WINDOWS\system32\drivers\sscdmdfl.sys
2008-05-17 17:02 . 2005-08-28 20:51 766 --a------ H:\WINDOWS\system32\Uninstall.ico
2008-05-17 16:42 . 2008-05-17 16:42 <REP> d-------- H:\Documents and Settings\All Users\SonicStage
2008-05-17 16:33 . 2008-05-17 16:33 <REP> d-------- H:\Program Files\Sony Corporation
2008-05-17 16:33 . 2001-09-13 02:15 90,112 --------- H:\WINDOWS\snymsico.dll
2008-05-17 16:33 . 2002-08-08 15:51 38,951 --------- H:\WINDOWS\system32\drivers\NETMDUSB.sys
2008-05-17 16:33 . 2005-10-31 10:46 36,679 --------- H:\WINDOWS\system32\drivers\NETMD052.sys
2008-05-17 16:33 . 2003-11-10 12:31 36,232 --------- H:\WINDOWS\system32\drivers\NETMD033.sys
2008-05-17 16:33 . 2003-04-01 18:55 35,319 --------- H:\WINDOWS\system32\drivers\NETMD031.sys
2008-05-17 16:33 . 2001-08-31 15:07 27,255 --------- H:\WINDOWS\system32\drivers\NWWMUSB.sys
2008-05-17 16:33 . 2002-09-11 10:20 11,510 --------- H:\WINDOWS\system32\drivers\VMCUSB.sys
2008-05-17 16:32 . 2008-05-17 16:32 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Sony Corporation
2008-05-17 16:31 . 2008-05-17 16:33 <REP> d-------- H:\Program Files\Sony
2008-05-17 16:31 . 2008-05-17 16:33 <REP> d-------- H:\Program Files\Fichiers communs\Sony Shared
2008-05-17 16:31 . 2008-05-17 16:42 <REP> d-------- H:\Documents and Settings\Propriétaire\Application Data\Sony Corporation
2008-05-16 15:31 . 2008-05-16 15:31 268 --ah----- H:\sqmdata06.sqm
2008-05-16 15:31 . 2008-05-16 15:31 244 --ah----- H:\sqmnoopt06.sqm
2008-05-15 21:45 . 2008-05-15 21:45 <REP> d-------- H:\WINDOWS\nvidia icons
2008-05-15 21:45 . 2008-05-15 21:52 <REP> d-------- H:\WINDOWS\NV3760132.TMP
2008-05-15 21:27 . 2008-05-24 14:55 <REP> d-------- H:\Program Files\ma-config.com
2008-05-15 21:27 . 2008-05-24 14:55 <REP> d-------- H:\Documents and Settings\All Users\Application Data\ma-config.com
2008-05-14 23:43 . 2008-05-14 23:52 23 --a------ H:\WINDOWS\popcinfot.dat
2008-05-13 14:40 . 2008-05-13 18:40 8 --a------ H:\WINDOWS\system32\nvModes.dat
2008-05-13 14:38 . 2008-05-13 14:43 <REP> d-------- H:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-05-13 13:53 . 2008-05-13 13:53 <REP> d-------- H:\Documents and Settings\All Users\Application Data\NVIDIA
2008-05-12 18:22 . 2008-05-12 18:22 69 --a------ H:\WINDOWS\NeroDigital.ini
2008-05-11 18:06 . 2008-05-11 18:06 <REP> d-------- H:\Program Files\Fichiers communs\Adobe
2008-05-11 17:58 . 2008-05-15 21:34 <REP> d-------- H:\Program Files\SpeedFan
2008-05-11 17:58 . 2008-05-11 17:58 45 --a------ H:\WINDOWS\system32\initdebug.nfo
2008-05-11 17:36 . 2008-05-11 17:36 108,144 --a------ H:\WINDOWS\system32\CmdLineExt.dll
2008-05-11 17:29 . 2008-05-11 17:29 <REP> d-------- H:\WINDOWS\Downloaded Installations
2008-05-11 17:24 . 2008-05-11 17:24 <REP> d-------- H:\Documents and Settings\Propriétaire\Application Data\Nero
2008-05-11 17:24 . 2008-05-12 18:44 <REP> d-------- H:\Documents and Settings\All Users\Application Data\Nero
2008-05-11 12:34 . 2008-05-11 12:34 <REP> d--h----- H:\WINDOWS\PIF
2008-05-09 17:37 . 2007-07-19 18:14 3,727,720 --a------ H:\WINDOWS\system32\d3dx9_35.dll
2008-05-09 17:37 . 2007-07-19 18:14 1,358,192 --a------ H:\WINDOWS\system32\D3DCompiler_35.dll
2008-05-09 17:37 . 2008-05-09 17:37 669,184 --a------ H:\WINDOWS\system32\pbsvc.exe
2008-05-09 17:37 . 2007-07-19 18:14 444,776 --a------ H:\WINDOWS\system32\d3dx10_35.dll
2008-05-09 17:18 . 2008-05-09 17:18 <REP> d-------- H:\Program Files\DAEMON Tools Lite
2008-05-09 17:16 . 2008-05-09 17:16 <REP> d-------- H:\Documents and Settings\Propriétaire\Application Data\DAEMON Tools
2008-05-09 17:16 . 2008-05-09 17:16 717,296 --a------ H:\WINDOWS\system32\drivers\sptd.sys
2008-05-09 16:01 . 2008-04-14 04:33 21,504 --a------ H:\WINDOWS\system32\hidserv.dll
2008-05-09 16:01 . 2008-04-14 04:33 21,504 --a--c--- H:\WINDOWS\system32\dllcache\hidserv.dll
2008-05-09 16:01 . 2008-04-14 04:05 14,720 --a------ H:\WINDOWS\system32\drivers\kbdhid.sys
2008-05-09 16:01 . 2008-04-14 04:05 14,720 --a--c--- H:\WINDOWS\system32\dllcache\kbdhid.sys
2008-05-09 00:20 . 2008-05-09 00:20 <REP> d-------- H:\Documents and Settings\Propriétaire\.AMD Power Monitor Settings
2008-05-09 00:20 . 2008-05-09 00:20 <REP> d-------- H:\Documents and Settings\Propriétaire\.AMD Power Monitor Settings
2008-05-09 00:08 . 2008-05-09 00:08 <REP> d-------- H:\Program Files\BarreConfCMCIC
2008-05-08 23:40 . 2008-05-08 23:40 23,600 --a------ H:\WINDOWS\system32\drivers\TVICHW32.SYS
2008-05-08 23:14 . 2006-07-01 22:42 43,520 --a------ H:\WINDOWS\system32\drivers\AmdK8.sys
2008-05-08 23:11 . 2008-05-11 17:29 <REP> d-------- H:\Program Files\AMD
2008-05-08 23:11 . 2007-06-29 14:47 34,304 --a------ H:\WINDOWS\system32\drivers\AmdLLD.sys
2008-05-08 17:43 . 2008-05-08 17:43 268 --ah----- H:\sqmdata05.sqm
2008-05-08 17:43 . 2008-05-08 17:43 244 --ah----- H:\sqmnoopt05.sqm
2008-05-08 17:27 . 2008-05-08 21:59 <REP> d-------- H:\Documents and Settings\Propriétaire\Application Data\OpenOffice.org2
2008-05-08 16:48 . 2008-05-08 16:54 329 --a------ H:\WINDOWS\CoDUO.INI
2008-05-08 16:21 . 2008-05-08 16:29 745 --a------ H:\WINDOWS\CoD.INI
2008-05-08 16:18 . 2004-08-12 11:06 188,416 --a------ H:\WINDOWS\system32\eax.dll
2008-05-08 15:29 . 2008-05-08 15:29 <REP> d-------- H:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-05-08 15:29 . 2008-05-10 02:37 354,560 --a------ H:\WINDOWS\system32\TuneUpDefragService.exe
2008-05-08 15:29 . 2008-04-04 14:51 28,416 --a------ H:\WINDOWS\system32\uxtuneup.dll
2008-05-08 15:17 . 2008-05-08 15:17 671 --a------ H:\WINDOWS\eReg.dat
2008-05-08 15:07 . 2007-05-16 16:45 3,497,832 --a------ H:\WINDOWS\system32\d3dx9_34.dll
2008-05-08 15:07 . 2007-03-12 16:42 3,495,784 --a------ H:\WINDOWS\system32\d3dx9_33.dll
2008-05-08 15:07 . 2007-05-16 16:45 1,124,720 --a------ H:\WINDOWS\system32\D3DCompiler_34.dll
2008-05-08 15:07 . 2007-03-12 16:42 1,123,696 --a------ H:\WINDOWS\system32\D3DCompiler_33.dll
2008-05-08 15:07 . 2007-05-16 16:45 443,752 --a------ H:\WINDOWS\system32\d3dx10_34.dll
2008-05-08 15:07 . 2007-03-15 16:57 443,752 --a------ H:\WINDOWS\system32\d3dx10_33.dll
2008-05-08 15:07 . 2007-05-31 19:30 266,088 --a------ H:\WINDOWS\system32\xactengine2_8.dll
2008-05-08 15:07 . 2007-04-04 18:55 261,480 --a------ H:\WINDOWS\system32\xactengine2_7.dll
2008-05-08 15:07 . 2007-04-04 18:53 81,768 --a------ H:\WINDOWS\system32\xinput1_3.dll
2008-05-08 15:07 . 2007-05-31 19:29 18,280 --a------ H:\WINDOWS\system32\x3daudio1_2.dll
2008-05-08 15:06 . 2008-05-09 17:38 22,328 --a------ H:\Documents and Settings\Propriétaire\Application Data\PnkBstrK.sys
2008-05-08 15:05 . 2008-05-09 17:37 103,736 --a------ H:\WINDOWS\system32\PnkBstrB.exe
2008-05-08 15:05 . 2008-05-09 17:37 66,872 --a------ H:\WINDOWS\system32\PnkBstrA.exe
2008-05-08 15:05 . 2008-05-09 00:34 277 --a------ H:\WINDOWS\game.ini
2008-05-08 14:50 . 2008-05-08 14:50 <REP> d--hs---- H:\WINDOWS\ftpcache
2008-05-08 14:28 . 2007-07-30 19:19 271,224 --a------ H:\WINDOWS\system32\mucltui.dll
2008-05-08 14:28 . 2007-07-30 19:18 30,072 --a------ H:\WINDOWS\system32\mucltui.dll.mui
2008-05-08 13:50 . 2008-05-08 13:52 <REP> d-------- H:\WINDOWS\NV34683504.TMP
2008-05-08 13:50 . 2008-05-02 22:46 182,347 --a------ H:\WINDOWS\system32\nvapps.nvb
2008-05-08 12:36 . 2008-05-08 18:12 <REP> d-------- H:\Program Files\CyberMUT
2008-05-08 05:34 . 2008-05-08 05:34 <REP> d-------- H:\Program Files\Windows Live
2008-05-08 05:34 . 2008-05-08 05:36 <REP> d--hsc--- H:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-05-08 05:33 . 2008-05-08 05:33 <REP> d-------- H:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-08 05:32 . 2008-05-08 05:32 268 --ah----- H:\sqmdata04.sqm
2008-05-08 05:32 . 2008-05-08 05:32 244 --ah----- H:\sqmnoopt04.sqm
2008-05-07 20:26 . 2008-05-07 20:26 552 --a------ H:\WINDOWS\system32\d3d8caps.dat
2008-05-07 20:22 . 2008-05-07 20:22 <REP> d-------- H:\Program Files\Windows Media Connect 2
2008-05-07 20:22 . 2008-04-14 04:33 221,184 --a------ H:\WINDOWS\system32\wmpns.dll
2008-05-07 20:21 . 2008-05-08 15:05 <REP> d-------- H:\WINDOWS\system32\LogFiles
2008-05-07 20:21 . 2008-05-07 20:22 <REP> | | |
