Very slow PC, infections

Tags:
  • Security
Last reply: in Security and viruses
7 April 2008 13:15:58

Hello, I was abroad for 4 months and my father used my PC, an Acer Aspire 9810, which used to work very well and very fast.
I came back and it is infected with viruses, which I removed, but it is very slow to start up and shut down. I ran ComboFix in administrator mode (report attached), then a report with HijackThis, and it is even worse.
I leave again in 8 days. Thank you for helping me.

ComboFix 08-04-06.1 - geant 2008-04-07 12:30:18.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.437 [GMT 2:00]
Endroit: C:\Users\geant\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.

((((((((((((((((((((((((((((( Fichiers créés 2008-03-07 to 2008-04-07 ))))))))))))))))))))))))))))))))))))
.

2008-04-07 11:47 . 2008-04-07 11:48 <REP> d-------- C:\Program Files\CCleaner
2008-04-07 11:30 . 2008-04-07 11:30 <REP> d-------- C:\Program Files\Trend Micro
2008-04-07 10:56 . 2008-04-07 11:01 3,552 --a------ C:\Windows\System32\tmp.reg
2008-04-07 10:55 . 2007-09-05 23:22 289,144 --a------ C:\Windows\System32\VCCLSID.exe
2008-04-07 10:55 . 2006-04-27 16:49 288,417 --a------ C:\Windows\System32\SrchSTS.exe
2008-04-07 10:55 . 2008-03-28 23:19 86,528 --a------ C:\Windows\System32\VACFix.exe
2008-04-07 10:55 . 2008-03-26 08:50 82,432 --a------ C:\Windows\System32\IEDFix.exe
2008-04-07 10:55 . 2003-06-05 20:13 53,248 --a------ C:\Windows\System32\Process.exe
2008-04-07 10:55 . 2004-07-31 17:50 51,200 --a------ C:\Windows\System32\dumphive.exe
2008-04-07 10:55 . 2007-10-03 23:36 25,600 --a------ C:\Windows\System32\WS2Fix.exe
2008-04-07 10:12 . 2008-04-07 10:12 <REP> d-------- C:\Users\geant\AppData\Roaming\Grisoft
2008-04-07 10:11 . 2007-05-30 14:10 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
2008-04-06 18:07 . 2008-04-06 18:07 <REP> d-------- C:\Users\geant\{b505ef9f-9770-46e1-9d70-a0ab44b3c45a}
2008-04-06 18:05 . 2008-04-06 18:05 <REP> d-------- C:\Program Files\Sony Ericsson
2008-04-06 13:09 . 2008-04-06 13:09 <REP> d-------- C:\Program Files\Intuwave Ltd
2008-04-06 12:52 . 2008-04-06 12:52 <REP> d-------- C:\Users\geant\{91c30563-33f1-442d-8f37-173999049790}
2008-04-06 12:25 . 2008-04-06 12:25 <REP> d-------- C:\Users\All Users\BVRP Software
2008-04-06 12:25 . 2008-04-06 12:25 <REP> d-------- C:\PROGRA~2\BVRP Software
2008-04-06 12:17 . 2008-04-06 13:08 <REP> d-------- C:\Users\All Users\Sony Ericsson
2008-04-06 12:17 . 2008-04-06 13:08 <REP> d-------- C:\PROGRA~2\Sony Ericsson
2008-04-06 12:10 . 2008-04-06 12:10 <REP> dr------- C:\Windows\System32\config\systemprofile\Videos
2008-04-06 12:10 . 2008-04-06 12:10 <REP> dr------- C:\Windows\System32\config\systemprofile\Searches
2008-04-06 12:10 . 2008-04-06 12:10 <REP> dr------- C:\Windows\System32\config\systemprofile\Saved Games
2008-04-06 12:10 . 2008-04-06 12:10 <REP> dr------- C:\Windows\System32\config\systemprofile\Pictures
2008-04-06 12:10 . 2008-04-06 12:10 <REP> dr------- C:\Windows\System32\config\systemprofile\Music
2008-04-06 12:10 . 2008-04-06 12:10 <REP> dr------- C:\Windows\System32\config\systemprofile\Links
2008-04-06 12:10 . 2008-04-06 12:10 <REP> dr------- C:\Windows\System32\config\systemprofile\Downloads
2008-04-06 12:10 . 2008-04-06 12:10 <REP> dr------- C:\Windows\System32\config\systemprofile\Documents
2008-04-05 15:48 . 2008-04-05 15:48 <REP> d-------- C:\Users\All Users\Real
2008-04-05 15:48 . 2008-04-05 15:48 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-04-05 15:48 . 2007-11-29 23:30 3,596,288 --a------ C:\Windows\System32\qt-dx331.dll
2008-04-05 15:42 . 2008-04-05 15:42 <REP> d-------- C:\Program Files\Common Files\Java
2008-04-05 11:45 . 2008-04-05 11:45 <REP> d-------- C:\Program Files\uTorrent
2008-04-05 11:44 . 2008-04-06 17:20 <REP> d-------- C:\Users\geant\AppData\Roaming\uTorrent
2008-04-05 09:42 . 2008-04-05 09:42 <REP> d-------- C:\Users\All Users\Kaspersky Lab Setup Files
2008-04-05 09:42 . 2008-04-05 09:42 <REP> d-------- C:\PROGRA~2\Kaspersky Lab Setup Files
2008-04-05 09:31 . 2008-04-05 09:31 250 --a------ C:\Windows\gmer.ini
2008-03-24 19:50 . 2008-03-24 19:50 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-03-22 13:03 . 2008-03-22 12:37 152,576 --a------ C:\Windows\System32\SPWizUI.dll
2008-03-22 13:03 . 2008-03-22 12:37 47,560 --a------ C:\Windows\System32\SPReview.exe
2008-03-22 12:47 . 2008-01-19 00:33 599,552 --a------ C:\Windows\System32\vsp1cln.exe
2008-03-22 12:47 . 2008-01-19 00:33 193,024 --a------ C:\Windows\System32\recdisc.exe
2008-03-22 12:47 . 2008-01-19 00:36 6,656 --a------ C:\Windows\System32\sdspres.dll
2008-03-22 12:44 . 2008-01-19 00:34 6,103,040 --a------ C:\Windows\System32\chtbrkr.dll
2008-03-22 12:39 . 2008-01-19 00:33 44,032 --a------ C:\Windows\System32\cbsra.exe
2008-03-22 12:17 . 2008-04-06 23:08 98,304 --a------ C:\Windows\SPInstall.etl
2008-03-15 18:51 . 2008-03-15 18:51 <REP> d-------- C:\Users\geant\AppData\Roaming\Malwarebytes

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-07 10:12 0 ----a-w C:\Windows\system32\drivers\lvuvc.hs
2008-04-07 10:02 --------- d-----w C:\Program Files\Common Files\Logitech
2008-04-07 09:53 --------- d-----w C:\PROGRA~2\Microsoft Help
2008-04-07 09:40 --------- d-----w C:\Program Files\MSBuild
2008-04-07 08:52 20,065 ----a-w C:\Users\geant\AppData\Roaming\nvModes.dat
2008-04-06 16:10 --------- d-----w C:\Program Files\epson
2008-04-06 15:57 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-06 12:49 --------- d-----w C:\PROGRA~2\Google Updater
2008-04-05 13:44 --------- d-----w C:\Program Files\Java
2008-04-05 09:34 --------- d-----w C:\Users\geant\AppData\Roaming\Teleca
2008-04-05 09:34 --------- d-----w C:\Program Files\Common Files\Teleca Shared
2008-04-05 08:28 319,984 ----a-w C:\Windows\DIFxAPI.dll
2008-04-05 06:53 --------- d-----w C:\PROGRA~2\Ulead Systems
2008-04-04 22:24 --------- d-----w C:\PROGRA~2\RapidSolution
2008-04-04 22:22 --------- d-----w C:\Program Files\Neuf
2008-04-04 22:12 --------- d---a-w C:\PROGRA~2\TEMP
2008-04-04 22:10 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-04-04 17:27 --------- d-----w C:\Program Files\QuickTime
2008-04-04 17:27 --------- d-----w C:\PROGRA~2\Apple Computer
2008-04-04 17:24 --------- d-----w C:\Users\geant\AppData\Roaming\SUPERAntiSpyware.com
2008-04-04 17:14 --------- d-----w C:\Users\geant\AppData\Roaming\ICQ
2008-04-03 14:58 --------- d-----w C:\Users\geant\AppData\Roaming\SolidDocuments
2008-03-22 11:49 174 --sha-w C:\Program Files\desktop.ini
2008-03-22 11:30 --------- d-----w C:\Program Files\Windows Sidebar
2008-03-22 11:30 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-03-22 11:30 --------- d-----w C:\Program Files\Windows Mail
2008-03-22 11:30 --------- d-----w C:\Program Files\Windows Journal
2008-03-22 11:30 --------- d-----w C:\Program Files\Windows Defender
2008-03-22 11:30 --------- d-----w C:\Program Files\Windows Collaboration
2008-03-22 11:30 --------- d-----w C:\Program Files\Windows Calendar
2008-03-22 11:11 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-03-22 11:11 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-03-04 10:33 7,680 ----a-w C:\Windows\System32\ff_vfw.dll
2008-03-04 03:53 78,336 ----a-w C:\Windows\System32\ieencode.dll
2008-03-04 03:52 830,464 ----a-w C:\Windows\System32\wininet.dll
2008-03-04 03:52 47,616 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-03-04 03:52 41,984 ----a-w C:\Windows\System32\licmgr10.dll
2008-03-04 03:52 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-03-04 03:52 20,480 ----a-w C:\Windows\System32\PDMSetup.exe
2008-03-04 03:52 17,920 ----a-w C:\Windows\System32\corpol.dll
2008-03-04 03:52 142,848 ----a-w C:\Windows\System32\IESetting.dll
2008-03-04 03:52 13,824 ----a-w C:\Windows\System32\SetIEInstalledDate.exe
2008-03-04 03:52 13,824 ----a-w C:\Windows\System32\SetDepNx.exe
2008-03-04 03:51 69,120 ----a-w C:\Windows\System32\iesetup.dll
2008-03-04 03:51 69,120 ----a-w C:\Windows\System32\admparse.dll
2008-03-04 03:51 66,560 ----a-w C:\Windows\System32\wextract.exe
2008-03-04 03:51 168,448 ----a-w C:\Windows\System32\iexpress.exe
2008-03-04 03:50 48,128 ----a-w C:\Windows\System32\mshtmler.dll
2008-03-04 03:50 45,568 ----a-w C:\Windows\System32\mshta.exe
2008-03-04 03:50 36,352 ----a-w C:\Windows\System32\imgutil.dll
2008-03-02 21:58 --------- d-----w C:\Program Files\IncrediMail
2008-02-28 17:53 --------- d-----w C:\PROGRA~2\IM
2008-02-28 17:52 --------- d-----w C:\PROGRA~2\IncrediMail
2008-02-19 17:56 --------- d-----w C:\PROGRA~2\Grisoft
2008-02-15 17:47 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-02-14 21:27 --------- d-----w C:\Users\geant\AppData\Roaming\Camfrog
2008-02-14 12:43 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-02-09 14:50 --------- d-----w C:\PROGRA~2\SUPERAntiSpyware.com
2008-02-07 21:41 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-18 22:44 986,680 ----a-w C:\Windows\System32\winload.exe
2008-01-18 22:44 926,776 ----a-w C:\Windows\System32\winresume.exe
2008-01-18 22:43 614,968 ----a-w C:\Windows\System32\ci.dll
2008-01-18 22:43 376,376 ----a-w C:\Windows\System32\mcupdate_GenuineIntel.dll
2008-01-18 22:43 3,600,440 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-01-18 22:43 3,548,728 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-01-18 22:43 247,352 ----a-w C:\Windows\System32\clfs.sys
2008-01-18 22:42 94,776 ----a-w C:\Windows\System32\MigAutoPlay.exe
2008-01-18 22:42 51,768 ----a-w C:\Windows\System32\PSHED.DLL
2008-01-18 22:42 177,208 ----a-w C:\Windows\System32\halmacpi.dll
2008-01-18 22:42 141,880 ----a-w C:\Windows\System32\halacpi.dll
2008-01-18 22:41 24,120 ----a-w C:\Windows\System32\BOOTVID.DLL
2008-01-18 22:41 21,560 ----a-w C:\Windows\System32\kdusb.dll
2008-01-18 22:41 19,512 ----a-w C:\Windows\System32\kdcom.dll
2008-01-18 22:38 46,080 ----a-w C:\Windows\System32\NAPCRYPT.DLL
2008-01-18 22:38 4,595,712 ----a-w C:\Windows\System32\AuthFWSnapin.dll
2008-01-18 22:38 242,744 ----a-w C:\Windows\System32\rsaenh.dll
2008-01-18 22:38 155,704 ----a-w C:\Windows\System32\dssenh.dll
2008-01-18 22:38 131,640 ----a-w C:\Windows\System32\basecsp.dll
2008-01-18 22:38 103,936 ----a-w C:\Windows\System32\NAPHLPR.DLL
2008-01-18 22:38 1,203,792 ----a-w C:\Windows\System32\ntdll.dll
2008-01-18 22:36 99,840 ----a-w C:\Windows\System32\ulib.dll
2008-01-18 22:35 98,304 ----a-w C:\Windows\System32\mssitlb.dll
2008-01-18 22:34 98,816 ----a-w C:\Windows\System32\mfps.dll
2008-01-18 22:33 98,304 ----a-w C:\Windows\System32\makecab.exe
2008-01-18 22:32 258,048 ----a-w C:\Windows\System32\winspool.drv
2008-01-18 22:32 21,504 ----a-w C:\Windows\System32\msacm32.drv
2008-01-18 22:32 166,912 ----a-w C:\Windows\System32\wdmaud.drv
2008-01-18 22:32 1,370,624 ----a-w C:\Windows\System32\Aurora.scr
2008-01-18 22:31 7,680 ----a-w C:\Windows\System32\spwizres.dll
2008-01-18 22:31 57,856 ----a-w C:\Windows\System32\nlsbres.dll
2008-01-18 22:31 118,272 ----a-w C:\Windows\System32\RDPENCDD.dll
2008-01-18 22:30 17,920 ----a-w C:\Windows\System32\netevent.dll
2008-01-18 22:29 705,536 ----a-w C:\Windows\System32\imagesp1.dll
2008-01-18 22:29 58,880 ----a-w C:\Windows\System32\msobjs.dll
2008-01-18 22:28 7,168 ----a-w C:\Windows\System32\f3ahvoas.dll
2008-01-18 22:26 36,864 ----a-w C:\Windows\System32\cdd.dll
2008-01-18 21:06 8,147,456 ----a-w C:\Windows\System32\wmploc.DLL
2008-01-18 21:01 14,336 ----a-w C:\Windows\System32\tsddd.dll
2008-01-18 21:01 134,656 ----a-w C:\Windows\System32\rdpdd.dll
2008-01-18 20:52 56,320 ----a-w C:\Windows\System32\vga256.dll
2007-12-05 17:16 259 ----a-w C:\Program Files\internet explorer\plugins\IEImageRR.dll
2007-10-25 17:00 88 --sh--r C:\Windows\System32\CBF497FD55.sys
2007-10-25 17:00 2,828 --sha-w C:\Windows\System32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 00:33 125952]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-22 08:59 68856]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-05-16 12:58 213936]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 00:33 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-05-16 12:58 213936]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 13:39 151552]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 17:33 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 17:37 2178832]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 09:12 1029416]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 07:37 4186112 C:\Windows\RtHDVCpl.exe]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2006-12-07 14:25 90191]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2006-12-07 14:25 7766016]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2006-12-07 14:25 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSVideo8"= VfWWDM32.dll
"msacm.l3codec"= l3codeca.acm
"vidc.wmv3"= wmv9vcm.dll
"msacm.scg726"= scg726.acm
"msacm.alf2cd"= alf2cd.acm
"vidc.dvsd"= mcdvd_32.dll
"VIDC.JPEG"= JpegCode.dll
"VIDC.MJPG"= JpegCode.dll
"MSVideo"= vfwwdm32.dll
"msacm.divxa32"= divxa32.acm
"vidc.tscc"= tsccvid.dll
"VIDC.I420"= lvcodec2.dll
"VIDC.YV12"= yv12vfw.dll
"msacm.ac3acm"= ac3acm.acm
"msacm.lameacm"= lameACM.acm
"msacm.l3codecp"=

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1543196083-2777753726-1373234775-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{D31BDFFB-C018-4D52-A331-EC132CEEDAA5}"= UDP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{47D02D45-A599-4DA7-8587-D0B108E4B0EC}"= TCP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{1E3F24C5-40C6-4144-AF0F-0D1E513002F5}"= UDP:C:\Program Files\Acer Arcade Deluxe\TV Joy\TVEService.exe:CyberLink TVEnhance Resident Program
"{91278EE3-5397-428C-A721-71A3B664A9E7}"= TCP:C:\Program Files\Acer Arcade Deluxe\TV Joy\TVEService.exe:CyberLink TVEnhance Resident Program
"{8B775254-B51F-4429-822C-068958CF0A4A}"= UDP:C:\Program Files\DAP\DAP.exe:Download Accelerator Plus (DAP)
"{17CA473E-1185-4024-AF9E-0FE1A56996FC}"= TCP:C:\Program Files\DAP\DAP.exe:Download Accelerator Plus (DAP)
"TCP Query User{9F07C17A-E73D-432B-AFDB-328CBC5ACDAF}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{F0A5D464-6C54-4814-BA0C-08B84B91CA01}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"{EA301E45-D45D-40F4-BDEF-EC494BDD3B36}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{F693FC91-5132-4162-B0B6-98033814221B}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{35F9E302-DC82-4A2E-8BFA-E8CA34599FE0}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{1D4F03D2-8CFC-4D82-A5B9-4916189BA7FA}"= UDP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{E2D745ED-BEFC-4C71-B518-D83EC83FC396}"= TCP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"TCP Query User{E97AE9BB-402E-415F-A330-18B6254A1936}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{ACD3D9B4-111B-4C11-8BBB-F5E4B661A0A8}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"TCP Query User{6360D8D2-DC7C-413B-9169-4D451592F6F7}C:\\program files\\logitech\\desktop messenger\\8876480\\program\\logitechdesktopmessenger.exe"= UDP:C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe:Logitech Desktop Messenger
"UDP Query User{937F12AB-6605-40A2-8C70-F3EF7B02CA1D}C:\\program files\\logitech\\desktop messenger\\8876480\\program\\logitechdesktopmessenger.exe"= TCP:C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe:Logitech Desktop Messenger
"TCP Query User{2E1777DE-8364-4B24-9353-CA306DF76634}C:\\program files\\lci\\lci integrale\\consoles.lci.exe"= UDP:C:\program files\lci\lci integrale\consoles.lci.exe:Consoles.Lci
"UDP Query User{23A83AFA-1E1F-441F-AB78-4AB4FF10E780}C:\\program files\\lci\\lci integrale\\consoles.lci.exe"= TCP:C:\program files\lci\lci integrale\consoles.lci.exe:Consoles.Lci
"{FC5849DA-1EA7-4C07-BD98-E18C36BDA3DF}"= UDP:4662:TCP
"{36142C3D-F41C-4CAC-B65E-64280A8DAD3F}"= TCP:4672:UDP
"TCP Query User{78E89C52-9146-4E2D-9EB2-D1A5BC5C6297}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{EA402A1B-7663-4394-AA88-BBF651516384}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"{E35F977F-0F17-4D87-B968-C96E2F52E151}"= UDP:C:\Program Files\Alwil Software\Avast4\ashAvast.exe:avast! Antivirus
"{68B2CECF-A6BB-4FFA-BB1E-99C08EA36D45}"= TCP:C:\Program Files\Alwil Software\Avast4\ashAvast.exe:avast! Antivirus
"TCP Query User{21716BF2-F936-4772-A9FF-5FC0FF4438AC}C:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= UDP:C:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"UDP Query User{E1CF2F71-6576-4B79-8AAD-92DBB5ED8300}C:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= TCP:C:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger
"TCP Query User{E99C377F-8C5C-46A1-B5A8-7F059A7BC6B3}C:\\program files\\webmediaplayer\\webmediaplayer.exe"= UDP:C:\program files\webmediaplayer\webmediaplayer.exe:WebMediaPlayer
"UDP Query User{34186FA1-A3B0-49BC-A422-0C78AEDADAB9}C:\\program files\\webmediaplayer\\webmediaplayer.exe"= TCP:C:\program files\webmediaplayer\webmediaplayer.exe:WebMediaPlayer
"TCP Query User{73A6A474-D03F-4563-8B38-0B49755296AD}C:\\program files\\dap\\dap.exe"= UDP:C:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
"UDP Query User{A46C00E5-C970-45AD-AB40-9F1DAD06CA8B}C:\\program files\\dap\\dap.exe"= TCP:C:\program files\dap\dap.exe:Download Accelerator Plus (DAP)
"TCP Query User{6ECBECF3-B3E4-4B08-B8CE-07F107E7BA65}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{6EDE4919-F250-4587-A843-AED4320CBAB7}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{C8BD4039-35AD-4D63-819F-889FDEB11244}"= UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{F2839C3A-98CA-4269-B06E-39BF98892CFD}"= TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"TCP Query User{B681B776-8CAE-4D28-8836-088BA954D710}C:\\program files\\itunes\\itunes.exe"= UDP:C:\program files\itunes\itunes.exe:iTunes
"UDP Query User{4511719B-F32A-4235-8097-09005CDC2A00}C:\\program files\\itunes\\itunes.exe"= TCP:C:\program files\itunes\itunes.exe:iTunes
"TCP Query User{83BF4F6D-E1DC-45C2-9667-EAA43AACC58D}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{1C912E1D-6FB6-46F5-9097-8174DE13AC51}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"{C929666A-19FB-42DE-B42C-31A506766A01}"= UDP:14583:emule3
"{5B39DDBF-3C02-4F0E-8155-CAAAB3AD6D40}"= TCP:25889:emule4
"TCP Query User{76F358BE-7428-4FCE-9CF6-DF837B5D56F3}C:\\program files\\intervideo\\dvd8\\windvd.exe"= UDP:C:\program files\intervideo\dvd8\windvd.exe:WinDVD
"UDP Query User{9406E933-1F4D-4CC6-8F56-44CD096FE9A4}C:\\program files\\intervideo\\dvd8\\windvd.exe"= TCP:C:\program files\intervideo\dvd8\windvd.exe:WinDVD
"TCP Query User{F9F1D5DA-A2EB-4CD1-869B-60D30AC3C21A}C:\\program files\\tightvnc\\winvnc.exe"= UDP:C:\program files\tightvnc\winvnc.exe:TightVNC Win32 Server
"UDP Query User{59721481-AF48-465E-BAE6-ED2BC9D838FA}C:\\program files\\tightvnc\\winvnc.exe"= TCP:C:\program files\tightvnc\winvnc.exe:TightVNC Win32 Server
"TCP Query User{40BD9F73-2D5F-4B06-B20B-23EEAA6FFD6C}C:\\program files\\bitdownload\\bitdownload.exe"= UDP:C:\program files\bitdownload\bitdownload.exe:Torrent P2P application
"UDP Query User{8E9C48CB-9CDA-43A8-BF73-AB72A7A3B4DA}C:\\program files\\bitdownload\\bitdownload.exe"= TCP:C:\program files\bitdownload\bitdownload.exe:Torrent P2P application
"TCP Query User{30112E22-D7E5-4FEB-9060-452F1864B54A}C:\\program files\\tightvnc\\winvnc.exe"= UDP:C:\program files\tightvnc\winvnc.exe:TightVNC Win32 Server
"UDP Query User{F7E5A53F-3499-4982-B817-C2661B51A220}C:\\program files\\tightvnc\\winvnc.exe"= TCP:C:\program files\tightvnc\winvnc.exe:TightVNC Win32 Server
"TCP Query User{F86F8A3D-EA95-4DF2-BEAF-57A020184CB3}C:\\program files\\icq6\\icq.exe"= UDP:C:\program files\icq6\icq.exe:ICQ Library
"UDP Query User{A6EE89A5-DDE5-4702-A3EB-BB64DB235A90}C:\\program files\\icq6\\icq.exe"= TCP:C:\program files\icq6\icq.exe:ICQ Library
"TCP Query User{DC478942-102A-4FCA-A2CD-BA90146E9602}C:\\program files\\camfrog\\camfrog server\\camfrogserver.exe"= UDP:C:\program files\camfrog\camfrog server\camfrogserver.exe:CamfrogServer
"UDP Query User{B9DE6878-56B0-4CFA-8E0E-9F388233F21F}C:\\program files\\camfrog\\camfrog server\\camfrogserver.exe"= TCP:C:\program files\camfrog\camfrog server\camfrogserver.exe:CamfrogServer
"{0733E08A-52AF-48F8-9211-1CAF2209FA08}"= UDP:C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:VideoAccelerator
"{1BEBE207-C7DC-4676-A7B5-E31088BF197C}"= TCP:C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:VideoAccelerator
"{65FB593C-D3BA-44E0-AD81-49D9BD2B8B8C}"= UDP:C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe:VideoAcceleratorService
"{09D94D4A-17DB-4A1A-82EC-A1C59A5201D5}"= TCP:C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe:VideoAcceleratorService
"{76CFE2D8-3592-4F90-A4A9-80ED4125AAFF}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:orb
"{BCAE154D-1BFA-4C25-ABD0-400F3BE49910}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:orb
"{CD9CD3D9-4B28-4BB7-9D4B-8D9B31B47D70}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:orbTray
"{CD4267B2-E310-4E49-A8AF-0DADFB276484}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:orbTray
"{29BF5465-7473-4B9D-9CAE-C188A176EA80}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:orbIR
"{E1AAEAE9-4953-4063-B16B-13893BC343C4}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:orbIR
"{098F387C-D544-45A6-8896-6F596797BB8D}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:orb Stream Client
"{83441CCF-2360-4ABA-A740-090B47387338}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:orb Stream Client
"{A61808B7-5EF5-4F1C-AE23-A83025812EDA}"= UDP:C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe:iolo Firewall®
"{CB523EB6-80F0-4B72-8B1D-83088C50E0AE}"= TCP:C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe:iolo Firewall®
"{26BFC7C4-714F-46E9-AA2C-A4954996D714}"= UDP:C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe:iolo AntiVirus®
"{1A1D0B79-2EAB-489D-9A27-080BDE0F881B}"= TCP:C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe:iolo AntiVirus®
"{34AE1486-0572-4E6E-BA43-36AAC895FDBC}"= UDP:C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe:iolo AntiVirus® Email Protection
"{08CC493D-CB82-41AB-9176-CE6166B5C154}"= TCP:C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe:iolo AntiVirus® Email Protection
"{B43677A3-D7B6-43F5-936A-7AA617FE62E1}"= UDP:C:\Program Files\BitTorrent_DNA\dna.exe:BitTorrent DNA
"{6269435A-FD35-4F00-A48A-50BCED476A1C}"= TCP:C:\Program Files\BitTorrent_DNA\dna.exe:BitTorrent DNA
"{01AC85DD-480F-4EF0-B9BA-AB48543D3776}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"{99EA7B64-DA6D-4489-9FAF-B95A64D10D45}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
"{AFC4902D-819B-4274-9A1F-19A41DD705AF}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{BAB875D9-7D73-4550-B082-95429BCF2448}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{CDE504E3-7A38-435C-828B-CB4F328090E3}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{7005540A-9B82-4E5C-8EE3-F49E397BBCB5}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{4423359E-CAA1-484F-B581-720BBE4EB7A2}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{8737FF58-1AB4-47AC-A4C5-45FF0013A5EB}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"TCP Query User{900426EB-5AFF-4D0D-9082-A0273D806907}C:\\program files\\internet explorer\\plugins\\cxsrrs.exe"= UDP:C:\program files\internet explorer\plugins\cxsrrs.exe:cxsrrs
"UDP Query User{916B2DB3-8E21-40EE-A998-EFB0877DDC19}C:\\program files\\internet explorer\\plugins\\cxsrrs.exe"= TCP:C:\program files\internet explorer\plugins\cxsrrs.exe:cxsrrs
"TCP Query User{FE45C847-B470-40CA-AA8B-673C8CE11B57}C:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= UDP:C:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"UDP Query User{B929BA9E-8BA1-4703-AC4A-E7E3C085B679}C:\\program files\\nokia\\nokia software updater\\nsu_ui_client.exe"= TCP:C:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater
"TCP Query User{74B521A1-4764-49C4-A553-B4299E5FE5DF}C:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= UDP:C:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"UDP Query User{0128AB83-2D09-420E-BA22-B158B8BAA56B}C:\\program files\\common files\\nokia\\service layer\\a\\nsl_host_process.exe"= TCP:C:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process
"TCP Query User{ECF5AA71-A7F7-4606-846B-7BF3C401C811}C:\\program files\\camfrog\\camfrog video chat\\camfrog video chat.exe"= UDP:C:\program files\camfrog\camfrog video chat\camfrog video chat.exe:Camfrog Client Module
"UDP Query User{F25382D6-DFC3-4A92-B83C-FC76B0FFB711}C:\\program files\\camfrog\\camfrog video chat\\camfrog video chat.exe"= TCP:C:\program files\camfrog\camfrog video chat\camfrog video chat.exe:Camfrog Client Module
"{B798B8F8-C0AD-459D-B9CE-A6EE146B7282}"= UDP:58317:pando P2P TCP Listening Port
"{C506C8B0-E828-474F-921F-CF79FCBCE53E}"= TCP:58317:pando P2P UDP Listening Port
"TCP Query User{88346CC1-F05C-4F73-B326-5F3992E19D78}C:\\program files\\pando networks\\pando\\pando.exe"= UDP:C:\program files\pando networks\pando\pando.exe:pando
"UDP Query User{1A3C57EA-A699-468B-B853-1B096ED1FCC8}C:\\program files\\pando networks\\pando\\pando.exe"= TCP:C:\program files\pando networks\pando\pando.exe:pando
"TCP Query User{4605C8DA-67D5-4B1E-808F-B62E45DEFB55}C:\\program files\\skype\\phone\\skype.exe"= Disabled:UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{02F545F8-F7DF-46A7-9C54-F27B93389EC7}C:\\program files\\skype\\phone\\skype.exe"= Disabled:TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"{B0AD2205-E54F-471A-93EC-01B92F98F4C4}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{707E4251-7899-4179-821D-79D49F66E290}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\ImpCnt.exe:IncrediMail
"{A359A2A2-4EA2-4774-A93E-5BA57DB69142}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\IncMail.exe:IncrediMail
"{7F57E969-01AA-4CF3-AFF7-2EBA9F165C90}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\IncMail.exe:IncrediMail
"{1140E23A-CD19-4839-A2D2-4925CB74E7BF}"= Disabled:UDP:C:\Program Files\IncrediMail\bin\ImApp.exe:IncrediMail
"{957D130C-A794-40FA-9D2A-2DFEBB308F3F}"= Disabled:TCP:C:\Program Files\IncrediMail\bin\ImApp.exe:IncrediMail
"TCP Query User{C7011A93-071A-42A3-928F-3B991EDF9557}C:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 7.0.1.325\\english\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\english\setup.exe:Kaspersky Anti-Virus 7.0 Setup
"UDP Query User{4C07A785-36ED-427E-9563-1DD1AA713C1E}C:\\programdata\\kaspersky lab setup files\\kaspersky anti-virus 7.0.1.325\\english\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\english\setup.exe:Kaspersky Anti-Virus 7.0 Setup
"TCP Query User{B35E2D96-6795-467F-8D2E-8EC2B4BE592E}C:\\program files\\intuwave ltd\\shared\\mrouterruntime\\mrouterruntime.exe"= UDP:C:\program files\intuwave ltd\shared\mrouterruntime\mrouterruntime.exe:mRouterRuntime
"UDP Query User{11DF55EA-B2DE-4B86-BA4D-DD40E0097C16}C:\\program files\\intuwave ltd\\shared\\mrouterruntime\\mrouterruntime.exe"= TCP:C:\program files\intuwave ltd\shared\mrouterruntime\mrouterruntime.exe:mRouterRuntime

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"C:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"C:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:Decryption
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"C:\\Program Files\\Internet Explorer\\PLUGINS\\cxsrrs.exe"= C:\Program Files\Internet Explorer\PLUGINS\cxsrrs.exe:*:Enabled:IE updater
"c:\\msiupdat.exe"= c:\msiupdat.exe:*:Enabled:utorrent7

R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2006-11-10 16:10]
R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2006-11-10 16:21]
R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2006-11-08 17:11]
R1 ElRawDisk;ElRawDisk;C:\Windows\system32\drivers\elrawdsk.sys [2007-09-20 14:12]
R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-11-20 22:43]
R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2006-11-13 01:13]
R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 13:57]
R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);"C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVECapSvc.exe" [2006-11-28 03:00]
R2 TVESched;TVEnhance Task Scheduler (TTS));"C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVESched.exe" [2006-11-28 03:00]
R2 WMIService;ePower Service;C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2006-12-01 11:34]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 11:39]
R3 AVer3xEn;AVerMedia SAA713x BDA Encoder Service;C:\Windows\system32\DRIVERS\AVer3xEn.sys [2006-11-14 10:24]
R3 lv321av;Logitech USB PC Camera (VC0321);C:\Windows\system32\DRIVERS\lv321av.sys [2006-11-07 22:19]
R3 SMSCIRDA;SMSC Infrared Device Driver;C:\Windows\system32\DRIVERS\SMSCirda.sys [2007-04-25 13:32]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 09:51]
S3 WSVD;WSVD;C:\Windows\system32\drivers\WSVD.sys [2006-09-19 17:47]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{06a79eab-f8c3-11db-b555-000000000000}]
\shell\AutoRun\command - F:\SETUP.EXE
\shell\configure\command - F:\SETUP.EXE
\shell\install\command - F:\SETUP.EXE


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7C800000-ECBD-15CF-3B95-00AA005B3383}]
C:\Program Files\Internet Explorer\PLUGINS\cxsrrs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F4A96AB1-07E2-E578-7C1A-4B6C149787F8}]
C:\Windows\system32:svchost.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-07 12:41:50
Windows 6.0.6001 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\Windows\Explorer.exe
-> ?:\Windows\system32\bcrypt.dll
.
Temps d'accomplissement: 2008-04-07 12:46:21
ComboFix-quarantined-files.txt 2008-04-07 10:45:47
Pre-Run: 32,145,707,008 octets libres
Post-Run: 30,748,139,520 octets libres
.
2008-04-06 07:59:30 --- E O F ---

*******************************************************

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:14:44, on 07/04/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - (no file)
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Browser Adjust - {44627E97-789B-40d4-B5C2-58BD171129A1} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (file missing)
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: bw+0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logishrd\SrvLnch\SrvLnch.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVESched.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 20123 bytes

7 April 2008 14:02:59

Hello,

Why do you think it's an infection?
7 April 2008 14:15:39

Yes, perhaps it is not an infection, but if you can, help me get it back to its original speed. My father told me he had installed the Vista SP1 update, but when I got back my NVIDIA card was no longer installed, there was a virus displaying ads every two minutes, and with CCleaner I saw in the startup programs a program written in Chinese with no description; I removed the entry right away.
But my PC takes 10 minutes to start up and 10 minutes to shut down; what's more, it often tells me that I don't have sufficient permissions to run certain things even though I am the administrator. It's a PC I bought for 1490 euros at Géant Casino, but it had been a demo unit from the start; I always get two screens at startup: Acer, then Acer again. I would like to get back a clean, fast PC like at the beginning. Also, Géant Casino didn't give me any discs and I have never made a backup or reformatted, but all the programs are purchased and not cracked.
7 April 2008 14:25:10

Do you still get unwanted ad pop-ups?

Download Gmer.
Unzip it into a folder or onto your desktop.

Disconnect from the Internet, then close all programs.
Double-click Gmer.exe.

IMPORTANT: If an alert from your antivirus appears for the file gmer.sys or gmer.exe, let it run.

Click the Rootkit tab.
On the right, check Files and Services.
Now click Scan.

When the scan is finished, click Copy.

Open Notepad, then click Edit / Paste in the menu.
The report should then appear.
Save the file to your desktop and copy/paste its contents here.
7 April 2008 16:53:14

Thanks for taking care of my problem. I did as you told me, but Gmer finds nothing. However, I produced a full report with DSS. I no longer get ads, but my PC, which used to be a fighter jet, has become a tortoise.

Deckard's System Scanner v20071014.68
Run by geant on 2008-04-07 14:37:10
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
15: 2008-04-07 10:29:40 UTC - RP1315 - ComboFix created restore point
14: 2008-04-07 10:02:38 UTC - RP1314 - Supprimé Microsoft Office Visio Professional 2007
13: 2008-04-07 10:02:19 UTC - RP1313 - Removed KhalSetup
12: 2008-04-07 10:01:35 UTC - RP1312 - Removed UMVPLStandalone
11: 2008-04-07 09:59:51 UTC - RP1311 - Removed MSVC80_x86


-- First Restore Point --
1: 2008-04-06 18:50:03 UTC - RP1300 - Point de contrôle planifié


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 1022 MiB (1024 MiB recommended).


-- HijackThis (run as geant.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:45:56, on 07/04/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Users\geant\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\geant.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - (no file)
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Browser Adjust - {44627E97-789B-40d4-B5C2-58BD171129A1} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: bw+0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {E4FC7F6A-3FCB-4013-B09A-FAB73491D601} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logishrd\SrvLnch\SrvLnch.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\Acer Arcade Deluxe\TV Joy\Kernel\TV\TVESched.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 19968 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.js - unable to read key
.js - unable to read key
.txt - unable to read key
.txt - unable to read key


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 PSDFilter - c:\windows\system32\drivers\psdfilter.sys <Not Verified; HiTRUST; >
R0 PSDNServ (PSDNSERVER) - c:\windows\system32\drivers\psdnserv.sys <Not Verified; HiTRUST; >
R0 psdvdisk - c:\windows\system32\drivers\psdvdisk.sys <Not Verified; HiTRUST; >
R0 UBHelper - c:\windows\system32\drivers\ubhelper.sys
R1 ElRawDisk - \??\c:\windows\system32\drivers\elrawdsk.sys
R1 StarOpen - c:\windows\system32\drivers\staropen.sys
R2 int15 - \??\c:\acer\empowering technology\erecovery\int15.sys
R2 mdmxsdk - c:\windows\system32\drivers\mdmxsdk.sys <Not Verified; Conexant; Diagnostic Interface x86 Driver>
R2 XAudio - c:\windows\system32\drivers\xaudio.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R3 NTIDrvr (Upper Class Filter Driver) - c:\windows\system32\drivers\ntidrvr.sys <Not Verified; NewTech Infosystems, Inc.; >

S3 HSXHWAZL - c:\windows\system32\drivers\hsxhwazl.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 eLockService (eLock Service) - c:\acer\empowering technology\elock\service\elockserv.exe <Not Verified; Acer Inc.; Acer eLock Management>
R2 eNet Service - c:\acer\empowering technology\enet\enet service.exe <Not Verified; Acer Inc.; Acer eNet Management>
R2 eRecoveryService (eRecovery Service) - c:\acer\empowering technology\erecovery\erecoveryservice.exe <Not Verified; Acer Inc.; eRecoveryService>
R2 eSettingsService (eSettings Service) - c:\acer\empowering technology\esettings\service\capuserv.exe <Not Verified; ; Service>
R2 MobilityService - c:\acer\mobility center\mobilityservice.exe -p
R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module>
R2 TVECapSvc (TVEnhance Background Capture Service (TBCS)) - "c:\program files\acer arcade deluxe\tv joy\kernel\tv\tvecapsvc.exe" <Not Verified; ; CLCapSvc Module>
R2 TVESched (TVEnhance Task Scheduler (TTS))) - "c:\program files\acer arcade deluxe\tv joy\kernel\tv\tvesched.exe" <Not Verified; ; CLSched Module>
R2 WMIService (ePower Service) - c:\acer\empowering technology\epower\epowersvc.exe <Not Verified; acer; Acer ePower Management>
R2 XAudioService - c:\windows\system32\drivers\xaudio.exe <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>

S2 OutpostFirewall (Outpost Firewall Service) -


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-04-07 10:10:05 422 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{2A54B557-CB92-4C23-B413-94EFE868D582}.job
2008-04-05 13:18:14 376 --a------ C:\Windows\Tasks\1-Click Maintenance.job


-- Files created between 2008-03-07 and 2008-04-07 -----------------------------

2008-04-07 12:46:32 53248 --a------ C:\Windows\PSEXESVC.EXE <Not Verified; Sysinternals; Sysinternals PsExec>
2008-04-07 11:47:55 0 d-------- C:\Program Files\CCleaner
2008-04-07 11:30:59 0 d-------- C:\Program Files\Trend Micro
2008-04-07 10:56:39 3552 --a------ C:\Windows\system32\tmp.reg
2008-04-07 10:55:50 25600 --a------ C:\Windows\system32\WS2Fix.exe
2008-04-07 10:55:50 289144 --a------ C:\Windows\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-04-07 10:55:50 86528 --a------ C:\Windows\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-04-07 10:55:50 288417 --a------ C:\Windows\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-04-07 10:55:50 53248 --a------ C:\Windows\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-04-07 10:55:50 82432 --a------ C:\Windows\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-04-07 10:55:50 51200 --a------ C:\Windows\system32\dumphive.exe
2008-04-06 18:05:15 0 d-------- C:\Program Files\Sony Ericsson
2008-04-06 13:09:33 0 d-------- C:\Program Files\Intuwave Ltd
2008-04-06 13:01:35 294912 --a------ C:\Windows\system32\msxbse35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-04-06 13:01:35 166672 --a------ C:\Windows\system32\mstext35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-04-06 13:01:35 262144 --a------ C:\Windows\system32\msrd2x35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-04-06 13:01:35 250128 --a------ C:\Windows\system32\mspdox35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-04-06 13:01:35 168720 --a------ C:\Windows\system32\msltus35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-04-06 13:01:35 344064 --a------ C:\Windows\system32\msexch35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-04-06 13:01:34 368912 --a------ C:\Windows\system32\VBAR332.DLL <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Applications>
2008-04-06 13:01:34 1238288 --a------ C:\Windows\system32\msjt4jlt.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-04-06 13:01:34 1050896 --a------ C:\Windows\system32\msjet35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-04-06 13:01:34 252688 --a------ C:\Windows\system32\msexcl35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-04-06 13:01:33 44304 --a------ C:\Windows\system32\msrpfs35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-04-06 13:01:33 415504 --a------ C:\Windows\system32\msrepl35.dll <Not Verified; Microsoft Corporation; Microsoft® Access>
2008-04-06 13:01:33 24848 --a------ C:\Windows\system32\msjter35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-04-06 13:01:33 123664 --a------ C:\Windows\system32\msjint35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-04-06 13:01:33 39424 --a------ C:\Windows\system32\JETCOMP.exe <Not Verified; Microsoft Corporation; Microsoft® Database Compact Utility>
2008-04-06 12:25:37 0 d-------- C:\Users\All Users\BVRP Software
2008-04-06 12:17:44 0 d-------- C:\Users\All Users\Sony Ericsson
2008-04-05 15:48:34 164352 --a------ C:\Windows\system32\unrar.dll
2008-04-05 15:48:30 217088 --a------ C:\Windows\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-04-05 15:48:30 159839 --a------ C:\Windows\system32\xvidvfw.dll
2008-04-05 15:48:30 755027 --a------ C:\Windows\system32\xvidcore.dll
2008-04-05 15:48:29 3596288 --a------ C:\Windows\system32\qt-dx331.dll
2008-04-05 15:48:29 81920 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-04-05 15:48:29 682496 --a------ C:\Windows\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2008-04-05 15:48:27 7680 --a------ C:\Windows\system32\ff_vfw.dll
2008-04-05 15:48:24 0 d-------- C:\Users\All Users\Real
2008-04-05 15:48:24 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-04-05 15:42:58 0 d-------- C:\Program Files\Common Files\Java
2008-04-05 11:45:07 0 d-------- C:\Program Files\uTorrent
2008-04-05 09:42:18 0 d-------- C:\Users\All Users\Kaspersky Lab Setup Files
2008-04-04 17:14:16 68096 --a------ C:\Windows\zip.exe
2008-04-04 17:14:16 49152 --a------ C:\Windows\VFind.exe
2008-04-04 17:14:16 212480 --a------ C:\Windows\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-04-04 17:14:16 136704 --a------ C:\Windows\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-04-04 17:14:16 161792 --a------ C:\Windows\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-04-04 17:14:16 98816 --a------ C:\Windows\sed.exe
2008-04-04 17:14:16 80412 --a------ C:\Windows\grep.exe
2008-04-04 17:14:16 73728 --a------ C:\Windows\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-03-22 13:03:46 152576 --a------ C:\Windows\system32\SPWizUI.dll <Not Verified; Microsoft Corporation; Système d'exploitation Microsoft® Windows®>


-- Find3M Report ---------------------------------------------------------------

2008-04-07 12:18:04 672334 --a------ C:\Windows\system32\perfh00C.dat
2008-04-07 12:18:04 124434 --a------ C:\Windows\system32\perfc00C.dat
2008-04-07 12:15:01 20065 --a------ C:\Users\geant\AppData\Roaming\nvModes.001
2008-04-07 12:02:26 0 d-------- C:\Program Files\Common Files\Logitech
2008-04-07 11:40:07 0 d-------- C:\Program Files\MSBuild
2008-04-07 10:52:59 20065 --a------ C:\Users\geant\AppData\Roaming\nvModes.dat
2008-04-07 10:12:03 0 d-------- C:\Users\geant\AppData\Roaming\Grisoft
2008-04-06 18:10:10 0 d-------- C:\Program Files\epson
2008-04-06 18:00:28 0 d-------- C:\Program Files\Common Files
2008-04-06 17:57:15 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-06 17:20:48 0 d-------- C:\Users\geant\AppData\Roaming\uTorrent
2008-04-06 02:09:27 0 d-------- C:\Users\geant\AppData\Roaming\Real
2008-04-05 15:44:57 0 d-------- C:\Program Files\Java
2008-04-05 11:34:43 0 d-------- C:\Users\geant\AppData\Roaming\Teleca
2008-04-05 11:34:20 0 d-------- C:\Program Files\Common Files\Teleca Shared
2008-04-05 00:22:01 0 d-------- C:\Program Files\Neuf
2008-04-04 19:28:01 2560 --a------ C:\Windows\_MSRSTRT.EXE
2008-04-04 19:27:21 0 d-------- C:\Program Files\QuickTime
2008-04-04 19:24:52 0 d-------- C:\Users\geant\AppData\Roaming\SUPERAntiSpyware.com
2008-04-04 19:14:32 0 d-------- C:\Users\geant\AppData\Roaming\ICQ
2008-04-03 16:58:35 0 d-------- C:\Users\geant\AppData\Roaming\SolidDocuments
2008-03-22 13:49:18 174 --ahs---- C:\Program Files\desktop.ini
2008-03-22 13:30:39 0 d-------- C:\Program Files\Windows Calendar
2008-03-22 13:30:38 0 d-------- C:\Program Files\Windows Sidebar
2008-03-22 13:30:37 0 d-------- C:\Program Files\Movie Maker
2008-03-22 13:30:35 0 d-------- C:\Program Files\Windows Mail
2008-03-22 13:30:32 0 d-------- C:\Program Files\Windows Collaboration
2008-03-22 13:30:30 0 d-------- C:\Program Files\Windows Journal
2008-03-22 13:30:28 0 d-------- C:\Program Files\Windows Photo Gallery
2008-03-22 13:30:13 0 d-------- C:\Program Files\Windows Defender
2008-03-15 18:51:31 0 d-------- C:\Users\geant\AppData\Roaming\Malwarebytes
2008-03-02 23:58:53 0 d-------- C:\Program Files\IncrediMail
2008-02-15 19:47:01 0 d-------- C:\Program Files\Microsoft Silverlight
2008-02-14 23:27:58 0 d-------- C:\Users\geant\AppData\Roaming\Camfrog
2008-02-07 23:41:32 0 d-------- C:\Program Files\Common Files\Adobe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [16/05/2006 12:58]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [29/09/2006 13:39]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [25/10/2007 17:33]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [25/10/2007 17:37]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 23:16]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [06/12/2007 09:12]
"RtHDVCpl"="RtHDVCpl.exe" [01/12/2006 07:37 C:\Windows\RtHDVCpl.exe]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [07/12/2006 14:25]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [07/12/2006 14:25]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [07/12/2006 14:25]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 04:25]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11/06/2007 11:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [19/01/2008 00:33]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [22/05/2007 08:59]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [16/05/2006 12:58]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [19/01/2008 00:33]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableUIADesktopToggle"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{06a79eab-f8c3-11db-b555-000000000000}]
AutoRun\command- F:\SETUP.EXE
configure\command- F:\SETUP.EXE
install\command- F:\SETUP.EXE


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7C800000-ECBD-15CF-3B95-00AA005B3383}]
C:\Program Files\Internet Explorer\PLUGINS\cxsrrs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F4A96AB1-07E2-E578-7C1A-4B6C149787F8}]
C:\Windows\system32:svchost.exe



-- Hosts -----------------------------------------------------------------------


8116 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-04-07 15:28:41 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Édition Familiale Premium (build 6001) SP 1.0
Architecture: X86; Language: French

CPU 0: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Percentage of Memory in Use: 48%
Physical Memory (total/avail): 1021.44 MiB / 525.1 MiB
Pagefile Memory (total/avail): 3626.62 MiB / 2737.42 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1893.55 MiB

C: is Fixed (NTFS) - 51.65 GiB total, 28.12 GiB free.
D: is Fixed (NTFS) - 51.36 GiB total, 31.81 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST9120821AS - 111.79 GiB - 3 partitions
\PARTITION0 - Unknown - 8.79 GiB
\PARTITION1 (bootable) - MS-DOS V4 Huge - 51.65 GiB - C:
\PARTITION2 - Système de fichiers installable - 51.36 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

AS: AVG Anti-Spyware v7, 5, 1, 43 (GRISOFT s.r.o.) Outdated
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"="C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"="C:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe:*:Enabled:encryption"
"C:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"="C:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe:*:Enabled:Decryption"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Internet Explorer\\PLUGINS\\cxsrrs.exe"="C:\\Program Files\\Internet Explorer\\PLUGINS\\cxsrrs.exe:*:Enabled:IE updater"
"c:\\msiupdat.exe"="c:\\msiupdat.exe:*:Enabled:utorrent7"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\geant\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=OLIVIER
ComSpec=C:\Windows\system32\cmd.exe
DEFAULT_CA_NR=CA8
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\geant
LOCALAPPDATA=C:\Users\geant\AppData\Local
LOGONSERVER=\\OLIVIER
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Teleca Shared
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f06
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\geant\AppData\Local\Temp
TMP=C:\Windows\TEMP
USERDOMAIN=OLIVIER
USERNAME=geant
USERPROFILE=C:\Users\geant
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

geant


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\InstallShield Installation Information\{F7B05784-334C-4F76-8BAB-30ABEB7FD534}\setup.exe" REMOVEALL --u:{F37167DD-4436-4641-90B6-329D60632DDA}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5927AF0D-335C-41D6-937B-54587EBD6D2C}\setup.exe" -uninstall
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E4C891D6-6844-41B8-86E8-633CACCC644F}\setup.exe" -uninstall
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall
Acer Arcade Deluxe --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\setup.exe" -uninstall
Acer eDataSecurity Management --> C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL
Acer eLock Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x40c -removeonly
Acer Empowering Technology --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
Acer eNet Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x40c -removeonly
Acer ePower Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x40c -removeonly
Acer ePresentation Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x40c -removeonly
Acer eSettings Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -l0x40c -removeonly
Acer GridVista --> C:\Windows\UnInst32.exe GridV.UNI
Acer Mobility Center Plug-In --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x40c -removeonly
Acer ScreenSaver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer Tour --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c -removeonly
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Camfrog Video Chat 4.1 (remove only) --> "C:\Program Files\Camfrog\Camfrog Video Chat\uninstall.exe"
Camtasia Studio 4 --> MsiExec.exe /I{1BA16E5A-72B9-44B7-9FDA-FB6CE7FF6C0C}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
DHTML Editing Component --> MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0}
eMule --> "C:\Program Files\eMule\Uninstall.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Intel(R) Matrix Storage Manager --> C:\Windows\System32\Imsmudlg.exe
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
K-Lite Mega Codec Pack 3.8.5 --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Launch Manager --> C:\Windows\UnInst32.exe LManager.UNI
Logitech Audio Echo Cancellation Component --> MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech QuickCam --> MsiExec.exe /X{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}
Logitech Video Enumerator --> MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Microsoft Office Visio Professional 2007 --> MsiExec.exe /X{90120000-0051-0000-0000-0000000FF1CE}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (2.0.0.13) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
Neuf - Kit de connexion --> C:\Program Files\Neuf\Kit\uninstall.exe
NTI Backup NOW! 4.7 --> "C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly
NTI CD & DVD-Maker --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
Outil de mise à jour Google --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
PowerProducer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall
Programme de gestion Camera de Logitech® --> "C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Skype™ 3.5 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
Texas Instruments PCIxx21/x515/xx12 drivers. --> C:\Program Files\InstallShield Installation Information\{F7B05784-334C-4F76-8BAB-30ABEB7FD534}\setup.exe -runfromtemp -l0x040c
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type66072 / Success
Event Submitted/Written: 04/07/2008 00:13:51 PM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type66067 / Success
Event Submitted/Written: 04/07/2008 00:13:42 PM
Event ID/Source: 5615 / WinMgmt
Event Description:


Event Record #/Type66057 / Success
Event Submitted/Written: 04/07/2008 00:13:16 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
Le service de gestion des licences du logiciel a démarré.

Event Record #/Type66047 / Success
Event Submitted/Written: 04/07/2008 00:10:10 PM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type66044 / Success
Event Submitted/Written: 04/07/2008 00:10:00 PM
Event ID/Source: 5615 / WinMgmt
Event Description:




-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type190993 / Error
Event Submitted/Written: 04/07/2008 00:24:50 PM
Event ID/Source: 8003 / bowser
Event Description:
Le maître explorateur a reçu une annonce de serveur de l'ordinateur PC-DE-LOUISPOTE
qui pense qu'il est le maître explorateur sur le domaine pour le transport NetBT_Tcpip_{CBD57B1B-5919-4C49-8799-88.
Le maître explorateur s'arrête ou une élection est provoquée.

Event Record #/Type190979 / Error
Event Submitted/Written: 04/07/2008 00:14:53 PM
Event ID/Source: 10000 / DCOM
Event Description:
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}

Event Record #/Type190935 / Error
Event Submitted/Written: 04/07/2008 00:13:56 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Outpost Firewall Service%%3

Event Record #/Type190882 / Error
Event Submitted/Written: 04/07/2008 00:13:06 PM
Event ID/Source: 15016 / HTTP
Event Description:
\Device\Http\ReqQueueKerberos

Event Record #/Type190862 / Error
Event Submitted/Written: 04/07/2008 00:10:19 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
SASKUTIL
VFILT



-- End of Deckard's System Scanner: finished at 2008-04-07 15:28:41 ------------

7 April 2008 16:56:27


7 April 2008 17:58:14

Your PC is clean; this is not a computer security matter.