PC rame au démarrage rapport hijachthis négatif
Hors ligneMilou59 Le 23/12/2008 à 23:29 Profil de Milou59 Configuration de Milou59

re
Log.text

Logfile of random's system information tool 1.05 (written by random/random)
Run by M.Catoire at 2008-12-23 23:12:54
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 42 GB (84%) free of 50 GB
Total RAM: 1023 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:13:04, on 23/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\M.Catoire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\M.Catoire\Local Settings\Temporary Internet Files\Content.IE5\N3ND9YP0\RSIT[2].exe
C:\Program Files\Trend Micro\HijackThis\M.Catoire.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.mini15.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\M.Catoire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{04EF8218-C993-4B7A-92C2-E4E5AD4F65C5}: NameServer = 194.117.200.11,194.117.200.16
O17 - HKLM\System\CS1\Services\Tcpip\..\{04EF8218-C993-4B7A-92C2-E4E5AD4F65C5}: NameServer = 194.117.200.11,194.117.200.16
O17 - HKLM\System\CS2\Services\Tcpip\..\{04EF8218-C993-4B7A-92C2-E4E5AD4F65C5}: NameServer = 194.117.200.11,194.117.200.16
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

--
End of file - 5067 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUser.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2007-08-31 249896]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2007-07-23 77824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488]
"Google Update"=C:\Documents and Settings\M.Catoire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-06 133104]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-03-29 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2008-12-23 23:12:54 ----D---- C:\rsit
2008-12-23 18:19:39 ----D---- C:\Program Files\ma-config.com
2008-12-23 18:19:39 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-12-23 14:35:02 ----D---- C:\WINDOWS\Minidump
2008-12-23 00:26:12 ----D---- C:\_OTMoveIt
2008-12-22 19:37:56 ----D---- C:\Program Files\Trend Micro
2008-12-20 10:05:55 ----D---- C:\Program Files\Fichiers communs\Adobe
2008-12-20 09:48:39 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-20 09:48:39 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-20 09:48:39 ----A---- C:\WINDOWS\system32\java.exe
2008-12-20 09:48:39 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-10 12:04:54 ----D---- C:\Program Files\Avira
2008-12-10 12:04:54 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-12-07 21:34:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-07 20:17:23 ----D---- C:\WINDOWS\ERUNT
2008-12-03 12:34:15 ----D---- C:\Documents and Settings\M.Catoire\Application Data\dvdcss
2008-12-03 11:31:15 ----D---- C:\WINDOWS\pss
2008-12-03 09:07:49 ----D---- C:\WINDOWS\LastGood(2)
2008-12-02 09:48:36 ----D---- C:\Documents and Settings\All Users\Application Data\Avira(5)
2008-12-01 21:01:37 ----D---- C:\Documents and Settings\All Users\Application Data\Avira(4)
2008-11-30 13:44:35 ----D---- C:\Documents and Settings\All Users\Application Data\Avira(3)

======List of files/folders modified in the last 1 months======

2008-12-23 23:12:58 ----D---- C:\WINDOWS\Prefetch
2008-12-23 22:47:10 ----D---- C:\Program Files\Mozilla Firefox
2008-12-23 22:19:41 ----D---- C:\WINDOWS\Temp
2008-12-23 22:16:33 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-23 18:19:53 ----SHD---- C:\WINDOWS\Installer
2008-12-23 18:19:39 ----RD---- C:\Program Files
2008-12-23 17:46:46 ----RSH---- C:\boot.ini
2008-12-23 17:46:46 ----A---- C:\WINDOWS\win.ini
2008-12-23 17:46:46 ----A---- C:\WINDOWS\system.ini
2008-12-23 14:35:02 ----D---- C:\WINDOWS
2008-12-23 00:54:32 ----D---- C:\Program Files\Fichiers communs
2008-12-23 00:09:15 ----D---- C:\Documents and Settings
2008-12-22 19:18:55 ----D---- C:\WINDOWS\system32
2008-12-22 10:24:46 ----D---- C:\WINDOWS\system32\config
2008-12-21 12:25:01 ----D---- C:\Documents and Settings\M.Catoire\Application Data\XnView
2008-12-21 11:41:31 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-20 13:22:30 ----D---- C:\WINDOWS\system32\Restore
2008-12-20 13:22:29 ----SHD---- C:\System Volume Information
2008-12-20 11:11:21 ----D---- C:\Program Files\Google
2008-12-20 10:32:35 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-20 10:31:01 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-20 10:09:48 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-20 10:05:55 ----D---- C:\Program Files\Adobe
2008-12-20 09:47:39 ----D---- C:\Program Files\Java
2008-12-20 09:30:55 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-12-20 09:19:24 ----D---- C:\WINDOWS\system32\Lang
2008-12-19 00:48:28 ----HD---- C:\WINDOWS\inf
2008-12-19 00:48:14 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-19 00:47:29 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-14 10:49:11 ----D---- C:\WINDOWS\Debug
2008-12-13 08:14:39 ----RSD---- C:\WINDOWS\Fonts
2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-10 23:55:28 ----D---- C:\Program Files\Internet Explorer
2008-12-10 12:41:55 ----D---- C:\WINDOWS\system32\drivers
2008-12-10 11:53:25 ----D---- C:\WINDOWS\system32\wbem
2008-12-10 11:53:21 ----D---- C:\WINDOWS\Registration
2008-12-10 00:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-03 13:14:19 ----SD---- C:\WINDOWS\Tasks
2008-12-03 13:01:05 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2008-12-03 12:47:27 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-03 12:42:03 ----D---- C:\Documents and Settings\All Users\Application Data\Avira(2)
2008-12-03 12:39:14 ----D---- C:\Program Files\Alwil Software
2008-12-03 12:23:54 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-12-02 09:58:27 ----D---- C:\WINDOWS\WinSxS
2008-12-01 23:35:46 ----D---- C:\Program Files\Yahoo!
2008-11-30 13:36:54 ----D---- C:\Documents and Settings\M.Catoire\Application Data\skypePM
2008-11-26 08:35:25 ----D---- C:\WINDOWS\Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2007-09-07 62016]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-03-29 2873856]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-12-19 4127232]
R3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys []
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-12-06 39424]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-12-06 7136]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-20 21248]
R3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-12-06 916096]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-11-22 243200]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
S3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2007-08-28 63016]
R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2007-09-11 214056]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-03-29 536576]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-20 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-03-28 593920]
S2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-12-19 195752]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------



info.text

info.txt logfile of random's system information tool 1.05 2008-12-23 23:13:06

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x040c -removeonly
Apple Software Update-->MsiExec.exe /I{55FA89BD-21D3-42F7-9249-C94C0094A83C}
ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E397B40-13F7-4CA2-9943-ADB29ACBBFDF}\setup.exe" -l0x40c
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira AntiVir PersonalEdition Classic-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\setup.exe /REMOVE
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Cretacarte-->C:\Program Files\Cretacarte\uninstall.exe
Dual-Core Optimizer-->MsiExec.exe /X{FF3D660E-E5CC-47FD-8050-1B4DE3BA81A9}
EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall
EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}\SETUP.EXE" -l0x40c UNINST
EPSON File Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x40c UNINST
EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything
ESDX6000_CX5900 Guide util.-->C:\Program Files\EPSON\TPMANUAL\ESDX6000_CX5900\USE_G\DOCUNINS.EXE
EVEREST Ultimate Edition v4.20-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x40c UNINSTALL
LUMIX Simple Viewer-->C:\Program Files\InstallShield Installation Information\{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}\setup.exe -runfromtemp -l0x040c -removeonly
Ma-Config.com-->MsiExec.exe /X{EC7FE2ED-F305-41B7-90B8-3DAE9E35307A}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Objectif Tarot-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-Objectif Tarot.dat
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PHOTOfunSTUDIO -viewer--->C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\Setup.exe -runfromtemp -l0x040cPackage -removeonly
PIF DESIGNER-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x40c anything
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
QuickTime-->MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c  -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
VLC media player 0.9.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
XnView 1.94.2-->"C:\Program Files\XnView\unins000.exe"

=====HijackThis Backups=====

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O18 - Protocol: bw+0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {7B20D2D4-1E85-4F99-A2F6-4D43865F5789} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: Avira AntiVir PersonalEdition (outdated)

System event log

Computer Name: CATOIRE-91A41ED
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service Messenger Sharing Folders USN Journal Reader.

Record Number: 15472
Source Name: Service Control Manager
Time Written: 20081212090959.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: CATOIRE-91A41ED
Event Code: 7
Message: Le périphérique \Device\Harddisk0\D comporte un bloc défectueux.

Record Number: 15471
Source Name: Disk
Time Written: 20081212090957.000000+060
Event Type: erreur
User:

Computer Name: CATOIRE-91A41ED
Event Code: 7036
Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.

Record Number: 15470
Source Name: Service Control Manager
Time Written: 20081212090936.000000+060
Event Type: Informations
User:

Computer Name: CATOIRE-91A41ED
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexions d'accès distant.

Record Number: 15469
Source Name: Service Control Manager
Time Written: 20081212090929.000000+060
Event Type: Informations
User: CATOIRE-91A41ED\M.Catoire

Computer Name: CATOIRE-91A41ED
Event Code: 7036
Message: Le service Téléphonie est entré dans l'état : en cours d'exécution.

Record Number: 15468
Source Name: Service Control Manager
Time Written: 20081212090929.000000+060
Event Type: Informations
User:

Application event log

Computer Name: CATOIRE-91A41ED
Event Code: 300
Message: msnmsgr (8432) \\.\C:\Documents and Settings\M.Catoire\Local Settings\Application Data\Microsoft\Messenger\tarotman@hotmail.fr\SharingMetadata\Working\database_7248_BCAE_48BC_7289\dfsr.db: Le moteur de base de données initialise la procédure de récupération.

Record Number: 4001
Source Name: ESENT
Time Written: 20081104203903.000000+060
Event Type: Informations
User:

Computer Name: CATOIRE-91A41ED
Event Code: 102
Message: msnmsgr (8432) \\.\C:\Documents and Settings\M.Catoire\Local Settings\Application Data\Microsoft\Messenger\tarotman@hotmail.fr\SharingMetadata\Working\database_7248_BCAE_48BC_7289\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

Record Number: 4000
Source Name: ESENT
Time Written: 20081104203903.000000+060
Event Type: Informations
User:

Computer Name: CATOIRE-91A41ED
Event Code: 100
Message: msnmsgr (8432) Le moteur de base de données 5.01.2600.5512 est démarré.

Record Number: 3999
Source Name: ESENT
Time Written: 20081104203903.000000+060
Event Type: Informations
User:

Computer Name: CATOIRE-91A41ED
Event Code: 302
Message: msnmsgr (1664) \\.\C:\Documents and Settings\M.Catoire\Local Settings\Application Data\Microsoft\Messenger\tarotman@hotmail.fr\SharingMetadata\Working\database_7248_BCAE_48BC_7289\dfsr.db: Le moteur de base de données a exécuté la procédure de récupération avec succès.

Record Number: 3998
Source Name: ESENT
Time Written: 20081104085622.000000+060
Event Type: Informations
User:

Computer Name: CATOIRE-91A41ED
Event Code: 301
Message: msnmsgr (1664) \\.\C:\Documents and Settings\M.Catoire\Local Settings\Application Data\Microsoft\Messenger\tarotman@hotmail.fr\SharingMetadata\Working\database_7248_BCAE_48BC_7289\dfsr.db: Le moteur de base de données commence la relecture du fichier journal \\.\C:\Documents and Settings\M.Catoire\Local Settings\Application Data\Microsoft\Messenger\tarotman@hotmail.fr\SharingMetadata\Working\database_7248_BCAE_48BC_7289\fsr.log.

Record Number: 3997
Source Name: ESENT
Time Written: 20081104085622.000000+060
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 43 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=2b01
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------
Hors ligneMarculinos Le 24/12/2008 à 09:07 Profil de Marculinos Configuration de Marculinos

Viconaute Modérateur
Mister_masque a écrit :
Peux tu quand même posté le rapport HijackThis pour qu'on y jette un Å“il, si tu a utiliser le site HijackThis.de, ce site n'est pas fiable.
Il l'est quand même dans une certaine mesure. Tout le monde n'étant pas si avide de rapports Hijackthis à analyser sous peine d'être en manque ( ), le site Hijackthis.de présente quand même un intérêt pour une majorité de gens.

Hors ligneMister_masque Le 24/12/2008 à 13:54 Profil de Mister_masque Configuration de Mister_masque

Salut Marculinos,

Oui, je suis d'accord, mais à cause de la cotation des visiteurs et des lieux communs sur certains programmes, sa peut quelquefois mené à la catastrophe, il faut évidement garder son sens critique.

Pour le rapport, il est tout propre. Désinstalle Spybot. Peut etre un fichier système un peu mal-mené, essaye de réparer windows avec la commande SFC (dans mon message précédent).

Joyeux Noël à vous deux ()
--
Hors ligneMilou59 Le 24/12/2008 à 14:50 Profil de Milou59 Configuration de Milou59

bonjour
En voulant desinstaller SPYBOT message: The setup files are corrupted. Please obtain a new copie of the program.
Tu as raison, j'installe une nouvelle copie et te tiens au courant.
Joyeuses fêtes à tous
milou
Hors ligneMilou59 Le 25/12/2008 à 23:36 Profil de Milou59 Configuration de Milou59

bonjour
Aprés avoir réinstallé Spybot, lancé analyse. 21 infections détectées et supprimée. Nouvelle analyse aujourd'hui, 1 infection détectée "Right Média".
Pour réparer Windows, je n'ai pas le cd, c'est une société qui a installé Windows XP et qui l'a gardé.
milou
Hors ligneMister_masque Le 26/12/2008 à 18:20 Profil de Mister_masque Configuration de Mister_masque

Bonjour Milou,

Sans CD sa risque d'être dur, hélas
En mode sans échec sa donne quoi ?
--
Hors ligneMilou59 Le 26/12/2008 à 18:23 Profil de Milou59 Configuration de Milou59

Bonjour
peux tu m'expliquer la manip en mode sans échec.
Merci
milou
Hors ligneMister_masque Le 27/12/2008 à 14:44 Profil de Mister_masque Configuration de Mister_masque

Salut,

Démarre en Mode sans échec avec prise en charge réseau (MSE) avec la touche F8 au démarrage.
Aide : Mode sans echec

Voir si sa démarre plus vite ... Normalement oui :)
--
Hors ligneMilou59 Le 29/12/2008 à 14:32 Profil de Milou59 Configuration de Milou59

bonjour
ok fait comme tu as dis, pas d'amélioration.
Milou
Hors ligneMister_masque Le 29/12/2008 à 16:42 Profil de Mister_masque Configuration de Mister_masque

Salut,

Aie ... A part la réparation, j'ne vois pas.
Essaye toujours :

Relance HijackThis en "Do a system scan only".
Coche:


O4 - HKUS\S-1-5-18\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups (User 'Default user')


---> Clique sur Fix Cheked.


Un petit nettoyage s'impose
Tu peux installé Ccleaner.

Installe le (si tu le souhaite). Clique sur Analyse puis sur Lancer le nettoyage, si tu a des message de confirmation, bah confirme .
Ensuite dans le menu latéral gauche clique sur Registre, puis sur chercher les erreurs, ensuite clique sur Réparé les erreurs sélectionnés.
Confirme, et clique sur Réparer toute les erreurs. Effectue cette opération 3 fois (si c'est ton premier nettoyage).

Aide: Tutoriel Ccleaner

Je ne vois hélas, rien d'autre à faire, si quelqu'un d'autre a une idée
--
Vous avez résolu votre problème avec VIC ? Faites-le savoir sur les réseaux sociaux !
Vulgarisation-informatique.com
Cours en informatique & tutoriels