[Résolu] Virus pour changer.
Forum Sécurité - Virus : [Résolu] Virus pour changer.
Merci d'avoir répondu voila ce qu'a donné l'analyse :
1er fichier :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:22:42, on 17/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
F:\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] _0_3_0.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 5926 bytes
2iéme :
Logfile of random's system information tool 1.05 (written by random/random)
Run by leon at 2009-01-17 14:09:50
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 52 GB (34%) free of 153 GB
Total RAM: 2047 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:10:01, on 17/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
F:\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
F:\World of Warcraft\WoW.exe
C:\Documents and Settings\leon\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\leon.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] _0_3_0.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 6163 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\NeroLiveEpgUpdate-DENIAUD-73E7A3A_leon.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2008-07-29 62728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2008-07-29 206088]
"TrojanScanner"=C:\Program Files\Trojan Remover\Trjscan.exe [2008-12-10 1230728]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-26 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-12-26 86016]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2008-12-02 3882312]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\erhezpe]
c:\documents and settings\leon\local settings\application data\erhezpe.exe erhezpe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiScreen]
C:\Program Files\MultiScreen\MultiScreen.exe [2008-02-22 114688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlatriumSA]
C:\Program Files\Platrium\bin\1.2.103.0\PlatriumSA.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlatriumWeather]
C:\Program Files\Platrium\bin\1.2.103.0\Weather.exe -auto []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RayV]
C:\Program Files\RayV\RayV\RayV.exe [2008-09-07 3708200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
C:\Program Files\Trojan Remover\Trjscan.exe [2008-12-10 1230728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0230Mon.exe]
C:\WINDOWS\V0230Mon.exe [2006-09-07 32768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^leon^Menu Démarrer^Programmes^Démarrage^hamachi.lnk]
C:\PROGRA~1\Hamachi\hamachi.exe [2008-11-06 624416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^leon^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.4.lnk]
C:\PROGRA~1\OPENOF~1.4\program\QUICKS~1.EXE []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-07-29 218376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll [2008-05-02 72208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\THQ\Company of Heroes\RelicCOH.exe"="C:\Program Files\THQ\Company of Heroes\RelicCOH.exe:*:Enabled:Company of Heroes - Opposing Fronts"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled
nkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:EnablednkBstrB"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\RayV\RayV\RayV.exe"="C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Documents and Settings\leon\Mes documents\Kaspersky_2009_keys\Kaspersky 2009 keys\Activator.exe"="C:\Documents and Settings\leon\Mes documents\Kaspersky_2009_keys\Kaspersky 2009 keys\Activator.exe:*:Enabled:svchost"
"E:\Program Files\Skype\Phone\Skype.exe"="E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{382819b1-8401-11dd-8617-001d60cb0cff}]
shell\AutoRun\command - I:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cc560f4e-a546-11dd-864e-001d60cb0cff}]
shell\Auto\command - Start.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe
======List of files/folders created in the last 1 months======
2009-01-17 14:09:50 ----D---- C:\rsit
2009-01-17 10:55:57 ----D---- C:\WINDOWS\LastGood
2009-01-17 10:47:02 ----D---- C:\Documents and Settings\leon\Application Data\Auslogics
2009-01-17 10:47:00 ----D---- C:\Program Files\Auslogics
2009-01-17 10:33:39 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2009-01-17 10:31:43 ----D---- C:\WINDOWS\system32\AGEIA
2009-01-17 10:31:43 ----D---- C:\Program Files\AGEIA Technologies
2009-01-17 10:31:02 ----D---- C:\WINDOWS\nview
2009-01-17 10:31:02 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-01-17 10:30:47 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-01-16 23:27:36 ----D---- C:\Documents and Settings\leon\Application Data\dvdcss
2009-01-16 22:29:55 ----HD---- C:\WINDOWS\PIF
2009-01-16 22:22:15 ----A---- C:\WINDOWS\system32\ztvunace26.dll
2009-01-16 22:22:15 ----A---- C:\WINDOWS\system32\ztvcabinet.dll
2009-01-16 22:22:15 ----A---- C:\WINDOWS\system32\UNRAR3.dll
2009-01-16 22:22:15 ----A---- C:\WINDOWS\system32\unacev2.dll
2009-01-16 22:22:10 ----D---- C:\Program Files\Trojan Remover
2009-01-16 22:22:10 ----D---- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2009-01-16 19:36:44 ----D---- C:\Program Files\Kaspersky Lab
2009-01-16 19:36:44 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-01-16 19:35:02 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-01-16 19:01:42 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-16 18:54:17 ----A---- C:\WINDOWS\ntbtlog.txt
2009-01-16 18:24:57 ----D---- C:\Documents and Settings\leon\Application Data\Malwarebytes
2009-01-16 18:24:53 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-16 18:24:53 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-16 09:53:33 ----D---- C:\Documents and Settings\leon\Application Data\MSNInstaller
2009-01-15 21:10:30 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-01-15 21:08:20 ----D---- C:\Program Files\Trend Micro
2009-01-15 18:23:45 ----D---- C:\Program Files\AVG
2009-01-14 22:09:43 ----D---- C:\Documents and Settings\All Users\Application Data\Avg8
2009-01-14 18:11:12 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2009-01-14 16:53:52 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-11 19:51:56 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-11 19:51:56 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-11 19:51:56 ----A---- C:\WINDOWS\system32\java.exe
2009-01-11 19:51:56 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-09 20:40:40 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-09 20:24:53 ----D---- C:\Documents and Settings\leon\Application Data\Nero
2009-01-09 20:04:06 ----A---- C:\WINDOWS\Irremote.ini
2009-01-09 20:01:56 ----D---- C:\Program Files\Windows Sidebar
2009-01-09 19:52:08 ----D---- C:\Program Files\Nero
2009-01-09 19:51:45 ----D---- C:\Program Files\Fichiers communs\Nero
2009-01-09 19:51:45 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2009-01-09 19:30:00 ----D---- C:\Program Files\Nsasoft
2009-01-08 17:47:47 ----A---- C:\WINDOWS\system32\BtCoreIf.dll
2009-01-08 17:47:17 ----D---- C:\Program Files\Fichiers communs\Logishrd
2009-01-05 18:23:58 ----D---- C:\Documents and Settings\leon\Application Data\OpenOffice.org
2009-01-03 00:40:30 ----A---- C:\WINDOWS\wininit.ini
2009-01-01 11:11:27 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-12-31 17:23:21 ----D---- C:\Documents and Settings\leon\Application Data\Ubisoft
2008-12-31 17:22:01 ----D---- C:\Documents and Settings\All Users\Application Data\Ubisoft
2008-12-31 17:09:23 ----D---- C:\Program Files\Ubisoft
2008-12-31 17:08:58 ----D---- C:\Documents and Settings\leon\Application Data\InstallShield
2008-12-31 16:40:46 ----D---- C:\Documents and Settings\leon\Application Data\Red Kawa
2008-12-30 19:50:00 ----D---- C:\Program Files\AviSynth 2.5
2008-12-30 19:49:55 ----D---- C:\Program Files\Red Kawa
2008-12-30 19:49:38 ----D---- C:\OpenCandy
2008-12-30 14:02:03 ----D---- C:\Program Files\JRE
2008-12-30 14:01:58 ----D---- C:\Program Files\OpenOffice.org 3
2008-12-27 17:07:38 ----D---- C:\Program Files\AP Tuner
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nwiz.exe
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwssr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwss.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsth.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrses.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwimg.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvwddi.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvvitvsr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvvitvs.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvshell.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrszht.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrstr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsth.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrssv.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrssl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrssk.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsru.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrspt.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrspl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsno.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsko.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsja.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsit.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrshu.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrshe.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrses.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrseng.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsel.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsde.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsda.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrscs.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvrsar.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvmoblsr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvmobls.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvmctray.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvmccssr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvmccss.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvmccs.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nview.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvgamesr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvgames.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvdspsch.exe
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvdispsr.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvdisps.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvcuda.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvcpluir.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvcplui.exe
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvcpl.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvcolor.exe
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvcodins.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvcod.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvappbar.exe
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\keystone.exe
2008-12-21 20:47:00 ----D---- C:\Program Files\AVOne
2008-12-20 14:28:20 ----D---- C:\Documents and Settings\leon\Application Data\Smart PC Solutions
2008-12-19 02:28:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
======List of files/folders modified in the last 1 months======
2009-01-17 13:41:53 ----D---- C:\Documents and Settings\leon\Application Data\Azureus
2009-01-17 13:10:32 ----SHD---- C:\WINDOWS\Installer
2009-01-17 13:10:25 ----D---- C:\Program Files\Java
2009-01-17 13:10:11 ----D---- C:\WINDOWS\system32
2009-01-17 13:10:10 ----D---- C:\WINDOWS\Temp
2009-01-17 10:59:57 ----D---- C:\WINDOWS\system32\drivers
2009-01-17 10:55:59 ----HD---- C:\WINDOWS\inf
2009-01-17 10:55:57 ----D---- C:\WINDOWS
2009-01-17 10:55:54 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-17 10:47:00 ----RD---- C:\Program Files
2009-01-17 10:41:50 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-17 10:37:24 ----SHD---- C:\System Volume Information
2009-01-17 10:37:24 ----D---- C:\WINDOWS\system32\Restore
2009-01-17 10:35:35 ----D---- C:\Program Files\Mozilla Firefox
2009-01-17 10:32:19 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-17 10:31:33 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-01-17 10:31:06 ----D---- C:\WINDOWS\Help
2009-01-17 10:31:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-17 10:20:23 ----D---- C:\Program Files\ma-config.com
2009-01-17 10:20:23 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-01-16 23:50:59 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-01-16 21:05:08 ----D---- C:\Program Files\Everest Poker
2009-01-16 20:35:50 ----A---- C:\WINDOWS\win.ini
2009-01-16 19:41:47 ----D---- C:\WINDOWS\Prefetch
2009-01-16 19:40:17 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-01-16 19:36:20 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-16 19:34:57 ----SD---- C:\Documents and Settings\leon\Application Data\Microsoft
2009-01-16 18:45:11 ----D---- C:\WINDOWS\Debug
2009-01-16 09:52:58 ----D---- C:\Program Files\MSN
2009-01-15 22:24:26 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-01-15 21:14:53 ----D---- C:\Documents and Settings
2009-01-15 21:10:55 ----D---- C:\Program Files\Lavasoft
2009-01-15 21:10:53 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-15 21:10:53 ----D---- C:\Documents and Settings\leon\Application Data\Lavasoft
2009-01-15 21:10:10 ----D---- C:\Documents and Settings\leon\Application Data\Skype
2009-01-15 20:38:11 ----HD---- C:\$AVG8.VAULT$
2009-01-14 22:01:35 ----D---- C:\Program Files\Hitman Pro
2009-01-14 21:05:46 ----D---- C:\Temp
2009-01-14 16:53:48 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-13 18:45:16 ----D---- C:\WINDOWS\Minidump
2009-01-10 02:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-09 20:29:38 ----SD---- C:\WINDOWS\Tasks
2009-01-09 19:51:45 ----D---- C:\Program Files\Fichiers communs
2009-01-09 19:51:41 ----D---- C:\WINDOWS\WinSxS
2009-01-08 17:48:31 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-01-08 17:47:52 ----D---- C:\Program Files\Fichiers communs\Logitech
2009-01-08 17:47:18 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-03 19:30:17 ----A---- C:\log_lobby_dumper.txt
2009-01-03 19:30:17 ----A---- C:\log_lobby.txt
2009-01-03 01:16:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-01 20:47:47 ----SH---- C:\boot.ini
2009-01-01 20:47:47 ----A---- C:\WINDOWS\system.ini
2008-12-31 17:18:50 ----D---- C:\WINDOWS\system32\DirectX
2008-12-31 17:18:34 ----RSD---- C:\WINDOWS\assembly
2008-12-30 14:02:16 ----RSD---- C:\WINDOWS\Fonts
2008-12-30 14:01:26 ----D---- C:\Program Files\OpenOffice.org 2.4
2008-12-30 13:58:05 ----D---- C:\Documents and Settings\leon\Application Data\OpenOffice.org2
2008-12-29 23:48:46 ----D---- C:\Program Files\Azureus
2008-12-29 12:26:40 ----D---- C:\Fraps
2008-12-28 01:18:11 ----D---- C:\Documents and Settings\leon\Application Data\LimeWire
2008-12-26 00:08:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2008-12-21 20:46:52 ----D---- C:\Program Files\Fichiers communs\InstallShield
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-01-16 213008]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l151x86.sys [2007-11-01 36864]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-10-14 25280]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-26 6301344]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 V0230Vfx;V0230Vfx; C:\WINDOWS\system32\DRIVERS\V0230Vfx.sys [2006-03-24 6272]
R3 V0230VID;Live! Cam Video IM Pro; C:\WINDOWS\system32\DRIVERS\V0230VID.sys [2006-09-29 500480]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S1 NCPro;NCPro; C:\WINDOWS\system32\drivers\MTictwl.sys []
S3 app0kbbn;app0kbbn; C:\WINDOWS\system32\drivers\app0kbbn.sys []
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-12-16 10976]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2008-12-16 22368]
S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2009-01-15 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2008-07-29 206088]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-26 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-10-30 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-01-15 202040]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-12-19 195752]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
-----------------EOF-----------------
Oui escuse moi j'avais oublié 
info.txt logfile of random's system information tool 1.05 2009-01-17 14:10:04
======Uninstall list======
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->MsiExec /X{AC54E544-3E42-443C-A91D-A00A6974C592}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
AP Tuner 3.08-->"C:\Program Files\AP Tuner\AP Tuner 3.08\uninstall.exe"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assassin's Creed-->C:\Program Files\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x040c -removeonly
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6E19F210-3813-4002-B561-94D66AA182B6}\Setup.exe" -l0x9 -removeonly
AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
AVOne iPod Video Converter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A1D66D8-2385-4769-B404-AF645C61457C}\Setup.exe"
Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
CoH Invasion Map Pack-->"C:\WW2\Data\Scenarios\mp\Invasion\uninst\unins000.exe"
CoH SGAMappack-->"C:\Documents and Settings\leon\Mes documents\My Games\Company of Heroes\WW2\Scenarios\uninst\unins000.exe"
Company of Heroes - D-Day Coop Map-->"C:\Program Files\D-Day Coop\unins000.exe"
Company of Heroes - FAKEMSI-->MsiExec.exe /I{14574B7F-75D1-4718-B7F2-EBF6E2862A35}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{199E6632-EB28-4F73-AECB-3E192EB92D18}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{25724802-CC14-4B90-9F3B-3D6955EE27B1}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{50193078-F553-4EBA-AA77-64C9FAA12F98}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{51D718D1-DA81-4FAD-919F-5C1CE3C33379}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{66F78C51-D108-4F0C-A93C-1CBE74CE338F}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{80D03817-7943-4839-8E96-B9F924C5E67D}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{97E5205F-EA4F-438F-B211-F1846419F1C1}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{99A7722D-9ACB-43F3-A222-ABC7133F159E}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{BA801B94-C28D-46EE-B806-E1E021A3D519}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{D4D244D1-05E0-4D24-86A2-B2433C435671}
Company of Heroes - FAKEMSI-->MsiExec.exe /I{EAF636A9-F664-4703-A659-85A894DA264F}
Company of Heroes-->"C:\Program Files\THQ\Company of Heroes\Uninstall_French.exe"
Connection Booster 4.0.0.0-->"C:\Program Files\Connection Booster\unins000.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Creative Live! Cam Video IM Pro Driver (1.01.03.0928)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script VF0230.uns -unsext NT -plugin V0230Pin.dll -pluginres CtCamPin.crl
CryEngine(R)2 Sandbox(TM)2-->MsiExec.exe /I{7E4B7FD9-4ECE-4298-A910-3160B7918059}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EmoDio-->MsiExec.exe /X{C20CE592-B0F8-4D20-BF31-0151CA6331A6}
Everest Poker (Remove Only)-->C:\Program Files\Everest Poker\cstart.exe /uninstall
Favorit-->"c:\documents and settings\leon\local settings\application data\uciioyq.exe" -uninstall
Frets On Fire-->"C:\Program Files\Frets on Fire\Uninstall.exe"
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x040c -removeonly
Hamachi 1.0.2.5-->C:\Program Files\Hamachi\uninstall.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hitman Pro-->"C:\Program Files\Hitman Pro\unins000.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}
Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.EXE" -l0x40c UNINSTALL
Logitech Registration-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x040c -removeonly
Ma-Config.com-->MsiExec.exe /X{EC7FE2ED-F305-41B7-90B8-3DAE9E35307A}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
MultiScreen-->C:\Program Files\InstallShield Installation Information\{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}\setup.exe -runfromtemp -l0x040c -removeonly
Natural Color Pro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC2C7405-BC58-4E11-8F51-29671BEAC06B}\setup.exe" -l0x9
Nero 9 Trial-->C:\Program Files\Fichiers communs\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="8M01-20CX-4294-TL10-U4U0-UKE2-MMT7-AHWX"
Nero 9-->C:\Program Files\Fichiers communs\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX v8.10.13-->MsiExec.exe /X{AC54E544-3E42-443C-A91D-A00A6974C592}
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Product Key Explorer 2.1.4-->"C:\Program Files\Nsasoft\ProductKeyExplorer\unins000.exe"
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RayV-->C:\Program Files\RayV\RayV\uninstall.exe
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
Rhabot-->MsiExec.exe /I{F2B869E1-11A4-4F20-8238-C07D3E78896C}
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x040c -removeonly
Satsuki Decoder Pack 4000-->C:\Program Files\Satsuki Decoder Pack\Uninstall.exe
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sibelius Scorch (Firefox, Opera, Netscape only)-->MsiExec.exe /I{5F4B558D-8AEB-4DEE-AAB3-C00D1D9A86BA}
Speed Gear v6.0-->"C:\Program Files\Speed Gear\unins000.exe"
Trojan Remover 6.7.5-->"C:\Program Files\Trojan Remover\unins000.exe"
TuxGuitar 1.0-->C:\Program Files\tuxguitar-1.0-jet\Uninstall.exe
Update Service-->C:\Program Files\Sony Ericsson\Update Service\uninst.exe
UseNeXT-->"C:\Program Files\UseNeXT\unins000.exe"
VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Videora iPod Converter 4.04-->C:\Program Files\Red Kawa\Video Converter App\uninstaller.exe
Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}
World of Warcraft-->C:\Program Files\Fichiers communs\Blizzard Entertainment\Wrath of the Lich King\Uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
=====HijackThis Backups=====
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O4 - Startup: OpenOffice.org 3.0.lnk.disabled
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - Global Startup: NCProTray.lnk = ?
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: Kaspersky Internet Security (disabled)
FW: Kaspersky Internet Security (disabled)
System event log
Computer Name: DENIAUD-73E7A3A
Event Code: 7036
Message: Le service HTTP SSL est entré dans l'état : en cours d'exécution.
Record Number: 8480
Source Name: Service Control Manager
Time Written: 20081230204301.000000+060
Event Type: Informations
User:
Computer Name: DENIAUD-73E7A3A
Event Code: 7035
Message: Un contrôle Arrêter a correctement été envoyé au service PnkBstrB.
Record Number: 8479
Source Name: Service Control Manager
Time Written: 20081230204259.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: DENIAUD-73E7A3A
Event Code: 7036
Message: Le service PnkBstrB est entré dans l'état : arrêté.
Record Number: 8478
Source Name: Service Control Manager
Time Written: 20081230204259.000000+060
Event Type: Informations
User:
Computer Name: DENIAUD-73E7A3A
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service HTTP SSL.
Record Number: 8477
Source Name: Service Control Manager
Time Written: 20081230204257.000000+060
Event Type: Informations
User: AUTORITE NT\SERVICE LOCAL
Computer Name: DENIAUD-73E7A3A
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service PnkBstrK.
Record Number: 8476
Source Name: Service Control Manager
Time Written: 20081230195228.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Application event log
Computer Name: DENIAUD-73E7A3A
Event Code: 101
Message: MsnMsgr (1732) Le moteur de base de données est arrêté.
Record Number: 2781
Source Name: ESENT
Time Written: 20081212205534.000000+060
Event Type: Informations
User:
Computer Name: DENIAUD-73E7A3A
Event Code: 103
Message: MsnMsgr (1732) \\.\C:\Documents and Settings\leon\Local Settings\Application Data\Microsoft\Messenger\dardest@hotmail.fr\SharingMetadata\Working\database_32D4_B893_D4B8_5AB5\dfsr.db: Le moteur de base de données a arrêté une instance (0).
Record Number: 2780
Source Name: ESENT
Time Written: 20081212205534.000000+060
Event Type: Informations
User:
Computer Name: DENIAUD-73E7A3A
Event Code: 102
Message: MsnMsgr (1732) \\.\C:\Documents and Settings\leon\Local Settings\Application Data\Microsoft\Messenger\dardest@hotmail.fr\SharingMetadata\Working\database_32D4_B893_D4B8_5AB5\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 2779
Source Name: ESENT
Time Written: 20081212184732.000000+060
Event Type: Informations
User:
Computer Name: DENIAUD-73E7A3A
Event Code: 100
Message: MsnMsgr (1732) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 2778
Source Name: ESENT
Time Written: 20081212184732.000000+060
Event Type: Informations
User:
Computer Name: DENIAUD-73E7A3A
Event Code: 12001
Message:
Record Number: 2777
Source Name: usnjsvc
Time Written: 20081212184729.000000+060
Event Type:
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"RGSCLauncher"=C:\Program Files\Rockstar Games\Rockstar Games Social Club
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0
-----------------EOF-----------------
Poste-moi le rapport Panda quand il sera fini 
Je ne lai pas acheté monté j suis allé chez un spécialiste, j'ai choisi mes pièces séparément. (je c pas si sa te répond vraiment 
)
Donc j'ai remis l'ancien câble et ... sa n'a rien changé xD
Je ne voir plus quoi faire 
Ben justement, c'est le pilote du chipset que je t'ai donné tout à l'heure.
---> Ajoute maintenant [Résolu] au titre. Pour cela :
- Clique, dans ton premier message, sur le bouton Editer
.
- Rajoute la mention [Résolu] devant le titre.
- Clique ensuite sur Valider votre message.
