grimmy

Salut ! Comme dis ds le titre, j ai un PC portable sous seven que je souhaite mettre en reseau avec mon PC de salon sous XP. J'ai réussi à faire que le PC sous XP voie et puisse accéder aux données que j'ai partagées sous Seven Mais de mon PC Seven, je vois bien le nom du PC XP, mais je ne peux pas y accéder. (Windows ne peut pas accéder à ...). Et dans les détails, j ai le message suivant :"Le chemin réseau n'a pas été trouvé" Je suis allé voir sur le net mais j'ai pas trouvé d'informations suffisamment claires ou utiles à mon cas (et j ai cherché pourtant....) Alors si vous aviez une piste à me donner .... Merci d'avance !!!! Fabrice

Ok , merci Apollo !!! Je vais donc de ce pas occuper ma fin de matinée à l'installation du parefeu que tu 'as indiqué (en espérant que je m'en sorte bien ..) Question bête : Le pare feu d'XP doit il être désactivé ensuite (conflit ??) PS : J'ai posté sur le forum Malware Complaints Bonne journée !!!

Salut Apollo, merci de ces conseils. Concernant le pare feu, j'ai celui de XP déjà. Il ne suffit pas ? c'est une passoire ? Quan d je fais le test de sécurité sur Zebulon, on me dit que mon PC est invisible. Malgré cela, il y a donc un intérêt a placer un autre firewall ??? @+ !

Voilà, tout est fait, mes mises à jour que tu m'as indiquées aussi !! Et beh ! c est quand même du rude boulot tout ça !!! Je te remercie pour tout le temps que tu as passé à mon chevet (enfin à celui de mon PC ) A bientôt ! (pour d'autres aventures qui sait !!!)

Et voilà le second log d'USBFix avec l'option 2. A demain ! ############################## | UsbFix V6.083 | User : Fabrice (Administrateurs) # SILMARIL-3RQ5TV Update on 30/01/2010 by El Desaparecido , C_XX & Chimay8 Start at: 01:31:35 | 31/01/2010 Website : http://pagesperso-orange.fr/NosTools/index.html Contact : FindyKill.Contact@gmail.com Intel® Pentium® 4 CPU 3.00GHz Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3 Internet Explorer 8.0.6001.18702 Windows Firewall Status : Enabled AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ] C:\ -> Disque fixe local # 57,27 Go (35,79 Go free) # NTFS D:\ -> Disque fixe local # 9,41 Go (7,39 Go free) # NTFS E:\ -> Disque fixe local # 134,97 Go (117,24 Go free) # NTFS F:\ -> Disque CD-ROM G:\ -> Disque fixe local # 298,08 Go (61,03 Go free) [Elements] # NTFS H:\ -> Disque amovible # 3,79 Go (1,69 Go free) [uDISK] # FAT32 I:\ -> Disque amovible # 953,23 Mo (21,19 Mo free) # FAT ############################## | Processus actifs | C:\WINDOWS\System32\smss.exe 692 C:\WINDOWS\system32\csrss.exe 1228 C:\WINDOWS\system32\winlogon.exe 1324 C:\WINDOWS\system32\services.exe 1416 C:\WINDOWS\system32\lsass.exe 1428 C:\WINDOWS\system32\nvsvc32.exe 1612 C:\WINDOWS\system32\svchost.exe 1660 C:\WINDOWS\system32\svchost.exe 1716 C:\WINDOWS\System32\svchost.exe 1772 C:\WINDOWS\system32\svchost.exe 1812 C:\WINDOWS\System32\svchost.exe 1864 C:\WINDOWS\System32\svchost.exe 1968 C:\WINDOWS\system32\spoolsv.exe 404 C:\Program Files\Avira\AntiVir Desktop\sched.exe 472 C:\WINDOWS\System32\svchost.exe 584 C:\WINDOWS\Explorer.EXE 804 C:\Program Files\Avira\AntiVir Desktop\avguard.exe 860 C:\Program Files\Microsoft LifeCam\MSCamS32.exe 904 C:\WINDOWS\System32\svchost.exe 1084 C:\WINDOWS\system32\wuauclt.exe 1284 C:\WINDOWS\System32\alg.exe 300 C:\WINDOWS\system32\wbem\wmiprvse.exe 1024 ################## | Elements infectieux | Supprimé ! C:\Recycler\S-1-5-21-789336058-329068152-725345543-1005 Supprimé ! D:\Recycler\S-1-5-21-789336058-329068152-725345543-1005 Supprimé ! E:\Recycler\S-1-5-21-789336058-329068152-725345543-1005 Supprimé ! G:\autorun.inf Supprimé ! G:\$Recycle.Bin\S-1-5-21-1806310115-3489458024-2815896165-1000 Supprimé ! G:\Recycler\S-1-5-21-1275210071-1677128483-839522115-1003 Supprimé ! G:\Recycler\S-1-5-21-624678228-1409347577-1116979471-1005 Supprimé ! G:\Recycler\S-1-5-21-789336058-329068152-725345543-1005 H:\autorun.inf -> fichier appelé : "H:\nano/bananna.exe " ( Absent ! ) H:\autorun.inf -> fichier appelé : "H:\nano/bananna.exe " ( Absent ! ) Supprimé ! H:\nano Supprimé ! H:\autorun.inf I:\autorun.inf -> fichier appelé : "I:\start.exe" ( Présent ! ) Supprimé ! I:\start.exe Supprimé ! I:\autorun.inf ################## | Registre | ################## | Mountpoints2 | Supprimé ! HKCU\...\Explorer\MountPoints2\{e4ad2ad6-8856-11de-a702-00110965e099}\Shell\AutoRun\Command ################## | Listing des fichiers présent | [30/01/2010 12:41|--a------|33372] C:\aaw7boot.log [12/01/2010 08:05|--a------|566] C:\Ad-Report-SCAN[1].log [19/05/2009 20:14|--a------|0] C:\AUTOEXEC.BAT [16/07/2009 16:56|-rahs----|216] C:\boot.ini [30/08/2002 16:00|-rahs----|4952] C:\Bootfont.bin [19/05/2009 20:14|--a------|0] C:\CONFIG.SYS [31/01/2010 01:31|--a------|20] C:\GINA.TEXT [11/01/2010 03:31|--a------|230424] C:\img2-001.raw [30/06/2009 16:30|--a------|230424] C:\img2-002.raw [19/05/2009 20:14|-rahs----|0] C:\IO.SYS [20/05/2009 00:36|--a------|54911] C:\lma_log.html [19/05/2009 20:14|-rahs----|0] C:\MSDOS.SYS [30/08/2002 16:00|--a------|47580] C:\ntdetect.com [30/08/2002 16:00|--a------|235824] C:\ntldr [29/02/2004 16:44|--a------|52576] C:\orange.bmp [?|?|?] C:\pagefile.sys [12/01/2010 08:07|--a------|7077] C:\TB.txt [30/01/2010 22:02|--a------|47454] C:\TDSSKiller.2.2.2_30.01.2010_22.02.22_log.txt [31/01/2010 01:36|--a------|3907] C:\UsbFix.txt [31/01/2010 01:31|--a------|41] C:\WLANCUGINA.TEXT [28/11/2008 20:31|--a------|155636] D:\hotmail-1-2-20b2.xpi [26/05/2009 17:54|--a------|178712] D:\web-mail-1-3-3b7.xpi [03/06/2009 23:11|--a------|502159] E:\5e - Oxy‚nation seine.pptx [02/03/2009 20:47|--a------|0] G:\DFR7FE.tmp [15/06/2009 22:03|--a------|200] G:\Raccourci vers Lecteur CD.lnk [09/09/2009 07:34|--a------|402] G:\Raccourci vers SVT 2009-2010.lnk [10/12/2009 10:17|--a------|129024] H:\dent.ppt [06/11/2009 09:33|---hs----|348160] H:\msvcr71.dll [15/01/2010 11:25|--a------|14336] H:\CNPE 5 f‚vrier Etr doc.doc [15/01/2010 13:05|--a------|29445] H:\CNPE 5 f‚vrier.docx [15/01/2010 13:03|--a------|21527] H:\CNPE 5 f‚vrier Etr.docx [06/11/2009 12:35|--a------|685154654] H:\D‚chets - Le cauchemar du nucl‚aire - 13-10-2009 - Arte.avi [25/09/2009 06:21|--a------|367093760] H:\[Nucl‚aire] Que faire de nos d‚chets nucl‚aires - C'est pas sorcier France 3 2006 - 26m04s.avi [15/01/2010 11:26|--a------|45568] H:\CNPE 5 f‚vrier doc.doc [16/01/2006 15:47|--a------|293] I:\start.ini [07/09/2007 18:10|--a------|2806] I:\certif.p12 [05/08/2004 04:00|--a------|1896] I:\autoexec.nt [07/01/2008 22:11|--a------|27301104] I:\chemsk10_.exe [02/09/2009 07:52|--a------|1433158] I:\emploi du temps 6e1.bmp [04/09/2009 18:41|--a------|18383360] I:\Diaporama CR.ppt [25/09/2009 01:25|--a------|367173632] I:\C'est Pas Sorcier - L'‚nergie nucl‚aire.avi [18/01/2010 22:59|--a------|27100264] I:\PowerPointViewer.exe ################## | Vaccination | # C:\autorun.inf -> Dossier créé par UsbFix. # D:\autorun.inf -> Dossier créé par UsbFix. # E:\autorun.inf -> Dossier créé par UsbFix. # G:\autorun.inf -> Dossier créé par UsbFix. # H:\autorun.inf -> Dossier créé par UsbFix. # I:\autorun.inf -> Dossier créé par UsbFix. ################## | Upload | Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_SILMARIL-3RQ5TV.zip : http://chiquitine.changelog.fr/Sample/Upload.php Merci pour votre contribution . ################## | ! Fin du rapport # UsbFix V6.083 ! |

Avant tou, je te remercie et te souhaite une bonne nuit ! Donc voila le rapport USBFIX avec l'option 1 ############################## | UsbFix V6.083 | User : Fabrice (Administrateurs) # SILMARIL-3RQ5TV Update on 30/01/2010 by El Desaparecido , C_XX & Chimay8 Start at: 01:24:10 | 31/01/2010 Website : http://pagesperso-orange.fr/NosTools/index.html Contact : FindyKill.Contact@gmail.com Intel® Pentium® 4 CPU 3.00GHz Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3 Internet Explorer 8.0.6001.18702 Windows Firewall Status : Enabled AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ] C:\ -> Disque fixe local # 57,27 Go (35,83 Go free) # NTFS D:\ -> Disque fixe local # 9,41 Go (7,39 Go free) # NTFS E:\ -> Disque fixe local # 134,97 Go (117,24 Go free) # NTFS F:\ -> Disque CD-ROM G:\ -> Disque fixe local # 298,08 Go (61,03 Go free) [Elements] # NTFS H:\ -> Disque amovible # 3,79 Go (1,69 Go free) [uDISK] # FAT32 I:\ -> Disque amovible # 953,23 Mo (21,19 Mo free) # FAT ############################## | Processus actifs | C:\WINDOWS\System32\smss.exe 696 C:\WINDOWS\system32\csrss.exe 1312 C:\WINDOWS\system32\winlogon.exe 1480 C:\WINDOWS\system32\services.exe 1648 C:\WINDOWS\system32\lsass.exe 1684 C:\WINDOWS\system32\nvsvc32.exe 1992 C:\WINDOWS\system32\svchost.exe 188 C:\WINDOWS\system32\svchost.exe 292 C:\WINDOWS\System32\svchost.exe 380 C:\WINDOWS\system32\svchost.exe 424 C:\WINDOWS\System32\svchost.exe 604 C:\WINDOWS\System32\svchost.exe 352 C:\WINDOWS\system32\spoolsv.exe 1152 C:\Program Files\Avira\AntiVir Desktop\sched.exe 1244 C:\WINDOWS\System32\svchost.exe 1356 C:\Program Files\Avira\AntiVir Desktop\avguard.exe 996 C:\WINDOWS\Explorer.EXE 1068 C:\Program Files\Microsoft LifeCam\MSCamS32.exe 1252 C:\WINDOWS\System32\svchost.exe 1536 C:\WINDOWS\system32\devldr32.exe 244 C:\WINDOWS\system32\RunDll32.exe 548 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 1096 C:\Program Files\Microsoft IntelliType Pro\itype.exe 1828 C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe 884 C:\WINDOWS\vVX1000.exe 1368 C:\WINDOWS\StartupMonitor.exe 1744 C:\WINDOWS\system32\RUNDLL32.EXE 1796 C:\Program Files\Windows Live\Messenger\msnmsgr.exe 228 C:\Program Files\Brother\Brmfcmon\BrMfimon.exe 744 C:\WINDOWS\system32\ctfmon.exe 916 C:\WINDOWS\System32\alg.exe 2852 C:\WINDOWS\system32\mmc.exe 3280 C:\WINDOWS\System32\svchost.exe 2352 C:\Program Files\Mozilla Firefox\firefox.exe 632 C:\WINDOWS\system32\wbem\wmiprvse.exe 1736 ################## | Elements infectieux | G:\autorun.inf H:\autorun.inf H:\nano I:\autorun.inf ################## | Registre | ################## | Mountpoints2 | HKCU\..\..\Explorer\MountPoints2\{01fe0511-4bcb-11de-a6bf-00110965e099} Shell\AutoRun\command =I:\start.exe Shell\FramaKey\command =I:\start.exe HKCU\..\..\Explorer\MountPoints2\{0e2b695b-44b6-11de-9163-00110965e099} Shell\AutoRun\command =nano/bananna.exe Shell\explore\command =nano/bananna.exe Shell\open\command =nano/bananna.exe HKCU\..\..\Explorer\MountPoints2\{e4ad2ad6-8856-11de-a702-00110965e099} Shell\AutoRun\command =C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe ################## | ! Fin du rapport # UsbFix V6.083 ! |

Ok, je savais que l'utilisation des logiciels P2P menait souvent à ce genre de problème, mais il est vrai que de 1) je les utilise pas souvent (sauf Gigatribe, mais c est avec des collègues pour echanger des fichiers de boulot) et de 2) pour le moment je m'étais pas chopé quoique ce soit vu que mon antivirus avait jusqu'à présent réussi à bloquer les sales choses. Mais bon, c'est sur qu'au moins là j'ai un exemple !! Et j'irai faire un peu de lecture vers les endroits que tu m'as indiqué ! Bon le scan est fini. Il m'a trouvé 2 choses qu'apparemment il a éliminé. je te poste le log de fin de Malwarbytes,. il me demande de rebooter pour finir le nettoyage, donc je reboote et ensuite je te remets les logs de RSIT comme demandé ! Merci . Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3664 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 31/01/2010 01:01:36 mbam-log-2010-01-31 (01-01-36).txt Type de recherche: Examen complet (C:\|D:\|E:\|G:\|H:\|) Eléments examinés: 325435 Temps écoulé: 2 hour(s), 49 minute(s), 19 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Program Files\Ad-Remover\pv.com (Adware.Swizzor) -> Quarantined and deleted successfully. D:\Downloads Firefox\emoticones-love-3d.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

Et bien pour le moment, je n ai pas eu de nouveau d'erreur systeme et (mais c'est peut être juste une idée), j ai l'impression qu'il boote plus vite qu'avant ...(?) Bon, là j en suis au G, le dernier disque apres c'est la clé et puis ce sera fini pour le scan @ tt et merci !

Ok, merci pour ces quelques infos ! Bon le scan est toujours en cours, encore sur le c: (pff c est long mais bon ! ) et il y a un fichier infecté apparemment (EDIT : Non 2 rien que sur le C:. Là il attaque le D: ...) .. Vais attendre la suite et je te tiens au courant !! @+

Ok ! Je m'emballe trop vite alors, mais ca me fait tellement plaisir d'avoir grâce à toi trouver qqch alors que ca faisait je sais pas combien de scan que je faisais sans rien trouver .... Infection USB ? C a d via une clé USB ? Si c'est ça ca pourrait aussi expliquer que ma clé USB que j utilise pour transférer des fichiers entre le boulot et chez moi me pose qq soucis depuis quelques temps aussi alors peut être ??? Bon on verra ça alors avec le scan , puisque j y ai mis la clé USB en question dans la liste des lecteurs à scanner aussi !! Donc à plus tard (à la fin du scan...) et merci encore ! PS : Au fait, si tu as le temps, tu peux me dire ce que c était ces 3 fichiers qui ont été supprimés , histoire que j approfondisse un peu ma culture informatique ?

Bon, alors j ai rebooté le PC. Apparemment en effet, 3 trucs étaient pas bienvenus dans mon PC. Je lance le scan malwarebytes Voici les 2 logs de RSIT. J'espère que tout est ok maintenant ! En tout cas merci beaucoup ! Logfile of random's system information tool 1.06 (written by random/random) Run by Fabrice at 2010-01-30 22:05:26 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 37 GB (63%) free of 59 GB Total RAM: 1023 MB (54% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:05:29, on 30/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\WINDOWS\vVX1000.exe C:\WINDOWS\StartupMonitor.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Brother\Brmfcmon\BrMfimon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\Downloads Firefox\RSIT.exe C:\Documents and Settings\Fabrice\Bureau\Maintenance\Fabrice.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{A3409FF4-F625-4D06-AEB2-6865BCF01556}: NameServer = 192.168.1.1 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 4498 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\User_Feed_Synchronization-{FDF23347-F772-48BD-ACD0-6A319E123431}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-14 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-14 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 61952] "Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd [] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-01-07 1496968] "BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2006-06-28 622592] "LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912] "VX1000"=C:\WINDOWS\vVX1000.exe [2009-06-26 757248] "Jet Detection"=C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672] "Run StartupMonitor"=C:\WINDOWS\StartupMonitor.exe [2000-05-20 86016] "nwiz"=nwiz.exe /installquiet [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-01-11 110696] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe" "C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "D:\Downloads Firefox\Pack617Winks\installer\mcoinstall.exe"="D:\Downloads Firefox\Pack617Winks\installer\mcoinstall.exe:*:Enabled:mcoinstall" "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv" "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console" "C:\Program Files\play2p\play2p.exe"="C:\Program Files\play2p\play2p.exe:*:Disabled:play2p" "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Disabled:Skype Extras Manager" "C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Disabled:Teamviewer Remote Control Application" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Disabled:Windows Live Call" "C:\WINDOWS\system32\mcoinstall.exe"="C:\WINDOWS\system32\mcoinstall.exe:*:Disabled:mcoinstall" "D:\Downloads Firefox\mcoview.exe"="D:\Downloads Firefox\mcoview.exe:*:Disabled:mcoview" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Disabled:Windows Live FolderShare" "C:\Program Files\aMSN\bin\wish.exe"="C:\Program Files\aMSN\bin\wish.exe:*:Disabled:Wish Application" "E:\receptions GT\Emulateur DS + jeux[www.torrent411.com]\desmume_sse2.exe"="E:\receptions GT\Emulateur DS + jeux[www.torrent411.com]\desmume_sse2.exe:*:Disabled:desmume_sse2" "C:\Program Files\GigaTribe\gigatribe.exe"="C:\Program Files\GigaTribe\gigatribe.exe:*:Enabled:GigaTribe" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{01fe0511-4bcb-11de-a6bf-00110965e099}] shell\AutoRun\command - H:\start.exe shell\FramaKey\command - H:\start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e2b695b-44b6-11de-9163-00110965e099}] shell\AutoRun\command - nano/bananna.exe shell\explore\command - nano/bananna.exe shell\open\command - nano/bananna.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e4ad2ad6-8856-11de-a702-00110965e099}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe ======List of files/folders created in the last 1 months====== 2010-01-30 22:02:22 ----A---- C:\TDSSKiller.2.2.2_30.01.2010_22.02.22_log.txt 2010-01-30 19:40:08 ----D---- C:\Program Files\AGEIA Technologies 2010-01-30 19:39:51 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation 2010-01-30 19:39:38 ----D---- C:\Program Files\NVIDIA Corporation 2010-01-30 19:38:45 ----A---- C:\WINDOWS\system32\OpenCL.dll 2010-01-30 19:38:43 ----A---- C:\WINDOWS\system32\nvoglnt.dll 2010-01-30 19:38:43 ----A---- C:\WINDOWS\system32\nvcuvid.dll 2010-01-30 19:38:43 ----A---- C:\WINDOWS\system32\nvcuvenc.dll 2010-01-30 19:38:43 ----A---- C:\WINDOWS\system32\nvcuda.dll 2010-01-30 19:38:43 ----A---- C:\WINDOWS\system32\nvcompiler.dll 2010-01-30 19:38:43 ----A---- C:\WINDOWS\system32\nvcodins.dll 2010-01-30 19:38:43 ----A---- C:\WINDOWS\system32\nvcod.dll 2010-01-30 19:38:43 ----A---- C:\WINDOWS\system32\nvapi.dll 2010-01-30 19:38:36 ----D---- C:\NVIDIA 2010-01-30 12:36:06 ----D---- C:\rsit 2010-01-30 08:45:32 ----A---- C:\WINDOWS\imsins.BAK 2010-01-30 08:45:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$ 2010-01-29 23:46:58 ----D---- C:\WINDOWS\NV1643460.TMP 2010-01-27 15:41:55 ----D---- C:\Program Files\DDali 2010-01-27 15:41:55 ----A---- C:\WINDOWS\system32\Vbrun300.dll 2010-01-27 15:35:00 ----D---- C:\Program Files\GLD 2010-01-27 15:34:47 ----A---- C:\WINDOWS\unin040c.exe 2010-01-21 01:31:28 ----D---- C:\Documents and Settings\Fabrice\Application Data\QuickScan 2010-01-18 22:59:40 ----D---- C:\Program Files\MSECache 2010-01-13 14:09:47 ----A---- C:\WINDOWS\system32\TweakUI.exe 2010-01-12 18:34:38 ----D---- C:\Documents and Settings\Fabrice\Application Data\Malwarebytes 2010-01-12 18:34:26 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-01-12 18:34:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-01-12 08:03:33 ----D---- C:\Program Files\Ad-Remover 2010-01-12 08:00:53 ----A---- C:\TB.txt 2010-01-11 22:17:44 ----A---- C:\WINDOWS\system32\nvsvc32.exe 2010-01-11 22:17:44 ----A---- C:\WINDOWS\system32\nvmctray.dll 2010-01-11 22:17:44 ----A---- C:\WINDOWS\system32\nvmccs.dll 2010-01-11 22:17:44 ----A---- C:\WINDOWS\system32\nvcpl.dll 2010-01-11 22:17:44 ----A---- C:\WINDOWS\system32\nvcolor.exe 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvwddi.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrszht.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrszhc.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrstr.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsth.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrssv.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrssl.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrssk.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsru.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsptb.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrspt.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrspl.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsno.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsnl.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsko.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsja.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsit.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrshu.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrshe.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsfr.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsfi.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsesm.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrses.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrseng.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsel.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsde.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsda.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrscs.dll 2010-01-11 22:17:40 ----A---- C:\WINDOWS\system32\nvrsar.dll 2010-01-06 15:17:35 ----D---- C:\WINDOWS\system32\NtmsData 2010-01-04 11:06:27 ----D---- C:\WINDOWS\SxsCaPendDel ======List of files/folders modified in the last 1 months====== 2010-01-30 22:02:24 ----D---- C:\WINDOWS\Prefetch 2010-01-30 22:02:23 ----D---- C:\WINDOWS\system32\drivers 2010-01-30 21:59:45 ----D---- C:\WINDOWS\Temp 2010-01-30 21:56:53 ----D---- C:\Program Files\Mozilla Firefox 2010-01-30 21:55:47 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-30 21:55:02 ----A---- C:\WINDOWS\RTacDbg.txt 2010-01-30 21:55:00 ----D---- C:\WINDOWS 2010-01-30 21:52:28 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-01-30 19:45:14 ----HD---- C:\WINDOWS\inf 2010-01-30 19:41:37 ----SHD---- C:\Config.Msi 2010-01-30 19:41:13 ----D---- C:\WINDOWS\system32 2010-01-30 19:41:02 ----D---- C:\WINDOWS\Help 2010-01-30 19:40:53 ----SHD---- C:\WINDOWS\Installer 2010-01-30 19:40:08 ----RD---- C:\Program Files 2010-01-30 19:39:54 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard 2010-01-30 19:39:39 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-01-30 19:39:24 ----D---- C:\WINDOWS\system32\CatRoot 2010-01-30 19:14:02 ----D---- C:\Program Files\Mozilla Thunderbird 2010-01-30 19:08:48 ----HDC---- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} 2010-01-30 19:08:02 ----D---- C:\Program Files\Lavasoft 2010-01-30 19:07:56 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-01-30 12:43:56 ----SD---- C:\WINDOWS\Tasks 2010-01-30 08:51:01 ----D---- C:\WINDOWS\system 2010-01-30 08:49:24 ----D---- C:\WINDOWS\security 2010-01-30 08:46:07 ----D---- C:\Program Files\Internet Explorer 2010-01-30 08:45:44 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-29 20:29:22 ----D---- C:\WINDOWS\system32\LogFiles 2010-01-29 20:29:21 ----D---- C:\WINDOWS\Debug 2010-01-29 20:09:44 ----D---- C:\Program Files\CFWebAdvancedU_BOBTV.FR 2010-01-29 20:09:42 ----D---- C:\Program Files\CFWebAdvancedU 2010-01-27 15:35:00 ----D---- C:\Program Files\Common Files 2010-01-22 07:15:24 ----D---- C:\Documents and Settings\Fabrice\Application Data\BitTorrent 2010-01-21 12:45:00 ----SHD---- C:\System Volume Information 2010-01-21 12:45:00 ----D---- C:\WINDOWS\system32\Restore 2010-01-20 13:05:19 ----D---- C:\Program Files\Microsoft Silverlight 2010-01-13 18:00:22 ----D---- C:\Program Files\Fichiers communs\Adobe 2010-01-13 18:00:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2010-01-13 09:01:06 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2010-01-13 06:51:16 ----D---- C:\WINDOWS\AppPatch 2010-01-12 05:03:33 ----A---- C:\WINDOWS\system32\nv4_disp.dll 2010-01-09 21:14:09 ----D---- C:\WINDOWS\Registration 2010-01-08 16:28:16 ----A---- C:\Program Files\Fabrice.txt 2010-01-06 15:21:56 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-01-05 23:30:51 ----D---- C:\WINDOWS\Minidump 2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe 2010-01-04 11:05:52 ----D---- C:\Program Files\Microsoft Office 2010-01-04 11:05:52 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-01-04 11:05:50 ----D---- C:\WINDOWS\system32\wbem 2010-01-04 11:04:55 ----D---- C:\Documents and Settings\Fabrice\Application Data\SoftGrid Client 2010-01-02 20:40:12 ----D---- C:\Documents and Settings\Fabrice\Application Data\CamfrogWEB ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgntdd;avgntdd; C:\WINDOWS\SYSTEM32\DRIVERS\avgntdd.sys [2009-02-13 45416] R1 avipbb;avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 ssmdrv;ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [2009-07-13 28520] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2009-05-19 21035] R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-06-08 279712] R2 CAMTHWDM;WebcamMax, WDM Video Capture; C:\WINDOWS\system32\DRIVERS\CAMTHWDM.sys [2009-08-07 1053056] R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-05-20 25888] R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-07-06 34064] R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys [] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296] R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904] R3 emu10k1;Pilote du Gestionnaire d'interface Creative (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632] R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-08-30 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-12 10276768] R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992] R3 rtl8185;Realtek RTL8185 54M Wireless LAN Network Adapter Driver; C:\WINDOWS\System32\DRIVERS\rtl8185.sys [2007-02-02 306560] R3 sfman;Pilote du Gestionnaire SoundFont Creative (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480] R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2009-06-26 1956096] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948] S3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548] S3 ctljystk;Creative SBLive! Port de jeux; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712] S3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068] S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860] S3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604] S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004] S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016] S3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720] R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-01-11 154216] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-14 152984] S3 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096] S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-28 3100060] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336] S3 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952] S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] -----------------EOF----------------- info.txt logfile of random's system information tool 1.06 2010-01-30 22:05:30 ======Uninstall list====== -->"C:\Program Files\Creative\SBLive\Program\Ctzapxx.EXE" /X /U /S -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER -->MsiExec /X{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6} -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9 /remove -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 802.11g Wireless CardBus & PCI Adapter HW.15 V.1.00-->C:\Program Files\InstallShield Installation Information\{F266A90C-3F4A-4F65-9901-3DBBB0D77D80}\setup.exe -runfromtemp -l0x0409 Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001} Ad-Remover By C_XX-->"C:\Program Files\Ad-Remover\Uninstall ADR.exe" adsl TV-->C:\Program Files\adslTV\Uninstal.exe aMSN 0.97.2-->C:\Program Files\aMSN\uninstall.exe Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml" Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE AVS DVD Player version 2.4-->"C:\Program Files\AVS4YOU\AVSDVDPlayer\unins000.exe" AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManger\unins000.exe" AVS4YOU Software Navigator 1.3-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe" BitTorrent-->C:\Program Files\BitTorrent\uninst.exe Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}\Setup.exe" -l0x40c Brunin03.dll -removeonly CamfrogWEB Advanced ActiveX Plugin (remove only)-->"C:\Program Files\CFWebAdvancedU\Uninstall.exe" CamfrogWEB Advanced ActiveX Plugin (www.bobtv.fr)-->"C:\Program Files\CFWebAdvancedU_BOBTV.FR\Uninstall.exe" CCleaner-->"C:\Program Files\CCleaner\uninst.exe" CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe" chat-land-->"C:\Program Files\chat-land\unins000.exe" C-Media High Definition Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe Code de la Route-->MsiExec.exe /X{A37A26D5-8444-4862-933B-478371D0299D} Conseiller de mise à niveau vers Windows 7-->MsiExec.exe /I{4983AA07-81D0-4605-BF92-49A343056DC8} ddali-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\DDali\DeIsL1.isu" -c"C:\Program Files\DDali\_ISREG32.DLL" Defraggler-->"C:\Program Files\Defraggler\uninst.exe" Dietetik 5.3-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\GLD\Dietetik 5.3\DeIsL1.isu" -c"C:\Program Files\GLD\Dietetik 5.3\_ISREG32.DLL" DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN eMule-->"C:\Program Files\eMule\Uninstall.exe" EVEREST Ultimate Edition v5.01-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe" Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} GigaTribe 3.16-->"C:\Program Files\GigaTribe\unins000.exe" HD Tune 2.55-->"C:\Program Files\HD Tune\unins000.exe" HijackThis 2.0.2-->"C:\Documents and Settings\Fabrice\Bureau\Maintenance\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} IsoBuster 2.5.5-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe" Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Kill Process 5.0.0.5 (désinstaller seulement)-->"C:\Program Files\Kill Process\uninstall.exe" Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Live Downloader 1-->"C:\Program Files\Live Downloader\unins000.exe" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" ManyCam 2.4 (remove only)-->"C:\Program Files\ManyCam 2.4\uninstall.exe" Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe" Microsoft LifeCam-->MsiExec.exe /X{968D41C3-25BB-4632-A6DF-2E1C8F0143A4} Microsoft Money-->D:\Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft User-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWudf01007$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour pour Microsoft Windows (KB971513)-->"C:\WINDOWS\$NtUninstallKB971513$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe" Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Thunderbird (2.0.0.23)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96} Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296} Nokia Multimedia Common Components 2.4-->MsiExec.exe /I{6EB6C056-02BB-453E-8448-EC90B9794180} Nokia Music-->MsiExec.exe /I{DC432844-6914-4421-910C-F1B05B3A761C} Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_fre_web.exe Nokia PC Suite-->MsiExec.exe /I{3D39E775-DDDA-4327-B747-0BDC5F191331} NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall NVIDIA PhysX-->MsiExec.exe /X{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6} OpenOffice.org 3.1-->MsiExec.exe /I{B2E581DB-C4DD-432C-AC84-ED761AC056BC} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Package de pilotes Windows - Nokia Modem (06/01/2009 4.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_C08496D7A0050438DFE13C55799AE2D4157A8E7A\nokia_bluetooth.inf Package de pilotes Windows - Nokia Modem (06/01/2009 7.01.0.3)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_9C48E34C57B7D4AAE5FFF5FB9B476B538394FD30\nokbtmdm.inf Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037} Phyloboîte version 1.2.0.0 R2-->"C:\Program Files\phyloboite\unins000.exe" Phylogene V2.5.1-->"C:\INRP\Phylogene\unins000.exe" Phylogenia v.2.0-->C:\Program Files\Phylogenia v.2.0\Uninstal.exe play2p-->C:\Program Files\play2p\uninstall.exe PowerArchiver-->C:\Program Files\PowerArchiver\UNINST.EXE QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F} Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE} Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Sound Blaster AudioPCI 128-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Creative\CTSND\DeIsL1.isu" Sound Blaster Live! Web 2K/XP-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}\Setup.exe" -l0x9 StartupMonitor-->MsiExec.exe /I{76EFAC4F-1712-401F-B2AE-590B170C9BCE} System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe TeamViewer 5-->C:\Program Files\TeamViewer\Version5\uninstall.exe The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe" TV Orange 0.94-->"C:\Program Files\TV Orange\unins000.exe" Tweak UI-->"C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta" Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7} Update for Outlook 2007 Junk Email Filter (kb977839)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C568005C-5FC6-4C81-A664-BD136610A931} VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} Viewpoint Media Player (Remove Only)-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe -u Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7} WebcamMax-->"C:\Program Files\WebcamMax\uninst.exe" Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" winpcap-nmap 4.02-->"C:\Program Files\WinPcap\uninstall.exe" WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7} XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" Zeb-Utility 1.2-->C:\Program Files\Zeb-Utility\Uninstal.exe =====HijackThis Backups===== O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe [2009-11-21] O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun [2009-11-21] O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-11-21] O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-11-21] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cherche.us [2009-12-19] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.cherche.us/keyword/%s [2009-12-19] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cherche.us [2009-12-19] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.cherche.us/keyword/ [2009-12-19] O4 - HKLM\..\Run: [winternet] C:\Documents and Settings\Fabrice\winternet.exe [2009-12-19] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cherche.us [2009-12-19] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us [2009-12-19] O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-12-19] O4 - HKLM\..\Run: [WebcammaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" -a [2010-01-06] O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/maconfi...fig_3_5_0_0.cab [2010-01-06] O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL [2010-01-06] O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-01-06] O8 - Extra context menu item: Recherche avec cherche.us - C:\Documents and Settings\Fabrice\scriptjava.html [2010-01-06] O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-01-06] O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) [2010-01-06] O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) [2010-01-11] O15 - Trusted Zone: *.chat-land.org [2010-01-21] O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE [2010-01-29] O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [2010-01-29] O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 [2010-01-29] O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe [2010-01-29] O4 - S-1-5-21-789336058-329068152-725345543-1005 Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe (User '?') [2010-01-29] O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-01-29] O4 - Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe [2010-01-29] O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe [2010-01-29] O4 - HKLM\..\Run: [DevconDefaultDB] C:\WINDOWS\READREG /PSCONV={NO} /NO_DEFPS [2010-01-29] O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - http://bobtv.fr/download/cfweb_www.bobtv.f..._instmodule.exe [2010-01-29] O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) [2010-01-29] ======Security center information====== AV: AntiVir Desktop ======System event log====== Computer Name: SILMARIL-3RQ5TV Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{A3409FF4-F625-4D06-AEB2-6865BCF01556} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 12774 Source Name: Tcpip Time Written: 20091230201701.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 7036 Message: Le service Configuration automatique sans fil est entré dans l'état : en cours d'exécution. Record Number: 12773 Source Name: Service Control Manager Time Written: 20091230201643.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Configuration automatique sans fil. Record Number: 12772 Source Name: Service Control Manager Time Written: 20091230201643.000000+060 Event Type: Informations User: SILMARIL-3RQ5TV\Fabrice Computer Name: SILMARIL-3RQ5TV Event Code: 10005 Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service ServiceLayer avec les arguments "" pour démarrer le serveur : {ACF50018-41F8-476D-85FD-CD953DAE4A49} Record Number: 12771 Source Name: DCOM Time Written: 20091230201312.000000+060 Event Type: erreur User: SILMARIL-3RQ5TV\Fabrice Computer Name: SILMARIL-3RQ5TV Event Code: 10005 Message: DCOM a reçu l'erreur "%1058" lors de la mise en route du service ServiceLayer avec les arguments "" pour démarrer le serveur : {ACF50018-41F8-476D-85FD-CD953DAE4A49} Record Number: 12770 Source Name: DCOM Time Written: 20091230201309.000000+060 Event Type: erreur User: SILMARIL-3RQ5TV\Fabrice =====Application event log===== Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E9C.log. Record Number: 3787 Source Name: ESENT Time Written: 20091226132318.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E9B.log. Record Number: 3786 Source Name: ESENT Time Written: 20091226132316.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E9A.log. Record Number: 3785 Source Name: ESENT Time Written: 20091226132315.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E99.log. Record Number: 3784 Source Name: ESENT Time Written: 20091226132315.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E98.log. Record Number: 3783 Source Name: ESENT Time Written: 20091226132313.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel "PROCESSOR_REVISION"=0304 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "FP_NO_HOST_CHECK"=NO "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------

Salut Appolo et merci de te pencher sur mon souci Voici le log que j ai obtenu , j'espère qu'il te sera utile. Merci d'avance . 21:29:18:765 1332 TDSS rootkit removing tool 2.2.2 Jan 13 2010 08:42:25 21:29:18:765 1332 ================================================================================ 21:29:18:765 1332 SystemInfo: 21:29:18:765 1332 OS Version: 5.1.2600 ServicePack: 3.0 21:29:18:765 1332 Product type: Workstation 21:29:18:765 1332 ComputerName: SILMARIL-3RQ5TV 21:29:18:765 1332 UserName: Fabrice 21:29:18:765 1332 Windows directory: C:\WINDOWS 21:29:18:765 1332 Processor architecture: Intel x86 21:29:18:765 1332 Number of processors: 2 21:29:18:765 1332 Page size: 0x1000 21:29:18:765 1332 Boot type: Normal boot 21:29:18:765 1332 ================================================================================ 21:29:18:781 1332 UnloadDriverW: NtUnloadDriver error 2 21:29:18:781 1332 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2 21:29:18:781 1332 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\drivers\klmd.sys) returned status 00000000 21:29:18:828 1332 UtilityInit: KLMD drop and load success 21:29:18:828 1332 KLMD_OpenDevice: Trying to open KLMD Device(KLMD201000) 21:29:18:828 1332 UtilityInit: KLMD open success 21:29:18:828 1332 UtilityInit: Initialize success 21:29:18:828 1332 21:29:18:828 1332 Scanning Services ... 21:29:18:828 1332 CreateRegParser: Registry parser init started 21:29:18:828 1332 DisableWow64Redirection: GetProcAddress(Wow64DisableWow64FsRedirection) error 127 21:29:18:828 1332 CreateRegParser: DisableWow64Redirection error 21:29:18:828 1332 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\system 21:29:18:828 1332 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\config\system) returned status C0000043 21:29:18:828 1332 wfopen_ex: MyNtCreateFileW error 32 (C0000043) 21:29:18:828 1332 wfopen_ex: Trying to KLMD file open 21:29:18:828 1332 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\config\system 21:29:18:828 1332 wfopen_ex: File opened ok (Flags 2) 21:29:18:828 1332 CreateRegParser: HIVE_ADAPTER(C:\WINDOWS\system32\config\system) init success: 264B20 21:29:18:843 1332 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\software 21:29:18:843 1332 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\config\software) returned status C0000043 21:29:18:843 1332 wfopen_ex: MyNtCreateFileW error 32 (C0000043) 21:29:18:843 1332 wfopen_ex: Trying to KLMD file open 21:29:18:843 1332 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\config\software 21:29:18:843 1332 wfopen_ex: File opened ok (Flags 2) 21:29:18:843 1332 CreateRegParser: HIVE_ADAPTER(C:\WINDOWS\system32\config\software) init success: 264BC8 21:29:18:843 1332 EnableWow64Redirection: GetProcAddress(Wow64RevertWow64FsRedirection) error 127 21:29:18:843 1332 CreateRegParser: EnableWow64Redirection error 21:29:18:843 1332 CreateRegParser: RegParser init completed 21:29:19:312 1332 GetAdvancedServicesInfo: Raw services enum returned 368 services 21:29:19:312 1332 fclose_ex: Trying to close file C:\WINDOWS\system32\config\system 21:29:19:312 1332 fclose_ex: Trying to close file C:\WINDOWS\system32\config\software 21:29:19:312 1332 21:29:19:312 1332 Scanning Kernel memory ... 21:29:19:312 1332 KLMD_GetSystemObjectAddressByNameW: Trying to get system object address by name \Driver\Disk 21:29:19:312 1332 DetectCureTDL3: \Driver\Disk PDRIVER_OBJECT: 86690A08 21:29:19:312 1332 DetectCureTDL3: KLMD_GetDeviceObjectList returned 7 DevObjects 21:29:19:312 1332 21:29:19:312 1332 DetectCureTDL3: DEVICE_OBJECT: 863E6BD0 21:29:19:312 1332 KLMD_GetLowerDeviceObject: Trying to get lower device object for 863E6BD0 21:29:19:312 1332 KLMD_ReadMem: Trying to ReadMemory 0x863E6BD0[0x38] 21:29:19:312 1332 DetectCureTDL3: DRIVER_OBJECT: 86690A08 21:29:19:312 1332 KLMD_ReadMem: Trying to ReadMemory 0x86690A08[0xA8] 21:29:19:312 1332 KLMD_ReadMem: Trying to ReadMemory 0xE15A7E90[0x18] 21:29:19:312 1332 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 21:29:19:312 1332 DetectCureTDL3: IrpHandler (0) addr: F7894BB0 21:29:19:312 1332 DetectCureTDL3: IrpHandler (1) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (2) addr: F7894BB0 21:29:19:312 1332 DetectCureTDL3: IrpHandler (3) addr: F788ED1F 21:29:19:312 1332 DetectCureTDL3: IrpHandler (4) addr: F788ED1F 21:29:19:312 1332 DetectCureTDL3: IrpHandler (5) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (6) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (7) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler ( addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (9) addr: F788F2E2 21:29:19:312 1332 DetectCureTDL3: IrpHandler (10) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (11) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (12) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (13) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (14) addr: F788F3BB 21:29:19:312 1332 DetectCureTDL3: IrpHandler (15) addr: F7892F28 21:29:19:312 1332 DetectCureTDL3: IrpHandler (16) addr: F788F2E2 21:29:19:312 1332 DetectCureTDL3: IrpHandler (17) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (18) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (19) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (20) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (21) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (22) addr: F7890C82 21:29:19:312 1332 DetectCureTDL3: IrpHandler (23) addr: F789599E 21:29:19:312 1332 DetectCureTDL3: IrpHandler (24) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (25) addr: 804F6739 21:29:19:312 1332 DetectCureTDL3: IrpHandler (26) addr: 804F6739 21:29:19:312 1332 TDL3_FileDetect: Processing driver: Disk 21:29:19:312 1332 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys 21:29:19:312 1332 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys 21:29:19:343 1332 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean 21:29:19:343 1332 21:29:19:343 1332 DetectCureTDL3: DEVICE_OBJECT: 86327AB8 21:29:19:343 1332 KLMD_GetLowerDeviceObject: Trying to get lower device object for 86327AB8 21:29:19:343 1332 DetectCureTDL3: DEVICE_OBJECT: 865E2AE0 21:29:19:343 1332 KLMD_GetLowerDeviceObject: Trying to get lower device object for 865E2AE0 21:29:19:343 1332 KLMD_ReadMem: Trying to ReadMemory 0x865E2AE0[0x38] 21:29:19:343 1332 DetectCureTDL3: DRIVER_OBJECT: 86448030 21:29:19:343 1332 KLMD_ReadMem: Trying to ReadMemory 0x86448030[0xA8] 21:29:19:343 1332 KLMD_ReadMem: Trying to ReadMemory 0xE100F070[0x1E] 21:29:19:343 1332 DetectCureTDL3: DRIVER_OBJECT name: \Driver\USBSTOR, Driver Name: USBSTOR 21:29:19:343 1332 DetectCureTDL3: IrpHandler (0) addr: EED2A218 21:29:19:343 1332 DetectCureTDL3: IrpHandler (1) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (2) addr: EED2A218 21:29:19:343 1332 DetectCureTDL3: IrpHandler (3) addr: EED2A23C 21:29:19:343 1332 DetectCureTDL3: IrpHandler (4) addr: EED2A23C 21:29:19:343 1332 DetectCureTDL3: IrpHandler (5) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (6) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (7) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler ( addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (9) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (10) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (11) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (12) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (13) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (14) addr: EED2A180 21:29:19:343 1332 DetectCureTDL3: IrpHandler (15) addr: EED259E6 21:29:19:343 1332 DetectCureTDL3: IrpHandler (16) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (17) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (18) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (19) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (20) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (21) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (22) addr: EED295F0 21:29:19:343 1332 DetectCureTDL3: IrpHandler (23) addr: EED27A6E 21:29:19:343 1332 DetectCureTDL3: IrpHandler (24) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (25) addr: 804F6739 21:29:19:343 1332 DetectCureTDL3: IrpHandler (26) addr: 804F6739 21:29:19:343 1332 KLMD_ReadMem: Trying to ReadMemory 0xEED26F26[0x400] 21:29:19:343 1332 TDL3_StartIoHookDetect: CheckParameters: 0, 00000000, 0 21:29:19:343 1332 TDL3_FileDetect: Processing driver: USBSTOR 21:29:19:343 1332 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 21:29:19:343 1332 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 21:29:19:390 1332 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - Verdict: Clean 21:29:19:390 1332 21:29:19:390 1332 DetectCureTDL3: DEVICE_OBJECT: 86682030 21:29:19:390 1332 KLMD_GetLowerDeviceObject: Trying to get lower device object for 86682030 21:29:19:390 1332 KLMD_ReadMem: Trying to ReadMemory 0x86682030[0x38] 21:29:19:390 1332 DetectCureTDL3: DRIVER_OBJECT: 86690A08 21:29:19:390 1332 KLMD_ReadMem: Trying to ReadMemory 0x86690A08[0xA8] 21:29:19:390 1332 KLMD_ReadMem: Trying to ReadMemory 0xE15A7E90[0x18] 21:29:19:390 1332 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 21:29:19:390 1332 DetectCureTDL3: IrpHandler (0) addr: F7894BB0 21:29:19:390 1332 DetectCureTDL3: IrpHandler (1) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (2) addr: F7894BB0 21:29:19:390 1332 DetectCureTDL3: IrpHandler (3) addr: F788ED1F 21:29:19:390 1332 DetectCureTDL3: IrpHandler (4) addr: F788ED1F 21:29:19:390 1332 DetectCureTDL3: IrpHandler (5) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (6) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (7) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler ( addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (9) addr: F788F2E2 21:29:19:390 1332 DetectCureTDL3: IrpHandler (10) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (11) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (12) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (13) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (14) addr: F788F3BB 21:29:19:390 1332 DetectCureTDL3: IrpHandler (15) addr: F7892F28 21:29:19:390 1332 DetectCureTDL3: IrpHandler (16) addr: F788F2E2 21:29:19:390 1332 DetectCureTDL3: IrpHandler (17) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (18) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (19) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (20) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (21) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (22) addr: F7890C82 21:29:19:390 1332 DetectCureTDL3: IrpHandler (23) addr: F789599E 21:29:19:390 1332 DetectCureTDL3: IrpHandler (24) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (25) addr: 804F6739 21:29:19:390 1332 DetectCureTDL3: IrpHandler (26) addr: 804F6739 21:29:19:390 1332 TDL3_FileDetect: Processing driver: Disk 21:29:19:390 1332 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys 21:29:19:390 1332 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys 21:29:19:406 1332 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean 21:29:19:406 1332 21:29:19:406 1332 DetectCureTDL3: DEVICE_OBJECT: 8675BC68 21:29:19:406 1332 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8675BC68 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0x8675BC68[0x38] 21:29:19:406 1332 DetectCureTDL3: DRIVER_OBJECT: 86690A08 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0x86690A08[0xA8] 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0xE15A7E90[0x18] 21:29:19:406 1332 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 21:29:19:406 1332 DetectCureTDL3: IrpHandler (0) addr: F7894BB0 21:29:19:406 1332 DetectCureTDL3: IrpHandler (1) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (2) addr: F7894BB0 21:29:19:406 1332 DetectCureTDL3: IrpHandler (3) addr: F788ED1F 21:29:19:406 1332 DetectCureTDL3: IrpHandler (4) addr: F788ED1F 21:29:19:406 1332 DetectCureTDL3: IrpHandler (5) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (6) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (7) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler ( addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (9) addr: F788F2E2 21:29:19:406 1332 DetectCureTDL3: IrpHandler (10) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (11) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (12) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (13) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (14) addr: F788F3BB 21:29:19:406 1332 DetectCureTDL3: IrpHandler (15) addr: F7892F28 21:29:19:406 1332 DetectCureTDL3: IrpHandler (16) addr: F788F2E2 21:29:19:406 1332 DetectCureTDL3: IrpHandler (17) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (18) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (19) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (20) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (21) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (22) addr: F7890C82 21:29:19:406 1332 DetectCureTDL3: IrpHandler (23) addr: F789599E 21:29:19:406 1332 DetectCureTDL3: IrpHandler (24) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (25) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (26) addr: 804F6739 21:29:19:406 1332 TDL3_FileDetect: Processing driver: Disk 21:29:19:406 1332 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys 21:29:19:406 1332 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys 21:29:19:406 1332 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean 21:29:19:406 1332 21:29:19:406 1332 DetectCureTDL3: DEVICE_OBJECT: 8668A9F0 21:29:19:406 1332 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8668A9F0 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0x8668A9F0[0x38] 21:29:19:406 1332 DetectCureTDL3: DRIVER_OBJECT: 86690A08 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0x86690A08[0xA8] 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0xE15A7E90[0x18] 21:29:19:406 1332 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 21:29:19:406 1332 DetectCureTDL3: IrpHandler (0) addr: F7894BB0 21:29:19:406 1332 DetectCureTDL3: IrpHandler (1) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (2) addr: F7894BB0 21:29:19:406 1332 DetectCureTDL3: IrpHandler (3) addr: F788ED1F 21:29:19:406 1332 DetectCureTDL3: IrpHandler (4) addr: F788ED1F 21:29:19:406 1332 DetectCureTDL3: IrpHandler (5) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (6) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (7) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler ( addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (9) addr: F788F2E2 21:29:19:406 1332 DetectCureTDL3: IrpHandler (10) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (11) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (12) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (13) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (14) addr: F788F3BB 21:29:19:406 1332 DetectCureTDL3: IrpHandler (15) addr: F7892F28 21:29:19:406 1332 DetectCureTDL3: IrpHandler (16) addr: F788F2E2 21:29:19:406 1332 DetectCureTDL3: IrpHandler (17) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (18) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (19) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (20) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (21) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (22) addr: F7890C82 21:29:19:406 1332 DetectCureTDL3: IrpHandler (23) addr: F789599E 21:29:19:406 1332 DetectCureTDL3: IrpHandler (24) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (25) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (26) addr: 804F6739 21:29:19:406 1332 TDL3_FileDetect: Processing driver: Disk 21:29:19:406 1332 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys 21:29:19:406 1332 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys 21:29:19:406 1332 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean 21:29:19:406 1332 21:29:19:406 1332 DetectCureTDL3: DEVICE_OBJECT: 86761AB8 21:29:19:406 1332 KLMD_GetLowerDeviceObject: Trying to get lower device object for 86761AB8 21:29:19:406 1332 DetectCureTDL3: DEVICE_OBJECT: 867689E8 21:29:19:406 1332 KLMD_GetLowerDeviceObject: Trying to get lower device object for 867689E8 21:29:19:406 1332 DetectCureTDL3: DEVICE_OBJECT: 86764B00 21:29:19:406 1332 KLMD_GetLowerDeviceObject: Trying to get lower device object for 86764B00 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0x86764B00[0x38] 21:29:19:406 1332 DetectCureTDL3: DRIVER_OBJECT: 8670BB60 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0x8670BB60[0xA8] 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0xE1578280[0x1A] 21:29:19:406 1332 DetectCureTDL3: DRIVER_OBJECT name: \Driver\atapi, Driver Name: atapi 21:29:19:406 1332 DetectCureTDL3: IrpHandler (0) addr: F77A06F2 21:29:19:406 1332 DetectCureTDL3: IrpHandler (1) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (2) addr: F77A06F2 21:29:19:406 1332 DetectCureTDL3: IrpHandler (3) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (4) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (5) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (6) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (7) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler ( addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (9) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (10) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (11) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (12) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (13) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (14) addr: F77A0712 21:29:19:406 1332 DetectCureTDL3: IrpHandler (15) addr: F779C852 21:29:19:406 1332 DetectCureTDL3: IrpHandler (16) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (17) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (18) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (19) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (20) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (21) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (22) addr: F77A073C 21:29:19:406 1332 DetectCureTDL3: IrpHandler (23) addr: F77A7336 21:29:19:406 1332 DetectCureTDL3: IrpHandler (24) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (25) addr: 804F6739 21:29:19:406 1332 DetectCureTDL3: IrpHandler (26) addr: 804F6739 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0x8669F6EC[0x400] 21:29:19:406 1332 TDL3_StartIoHookDetect: CheckParameters: 9, FFDF0308, 1 21:29:19:406 1332 Driver "atapi" StartIo handler infected by TDSS rootkit ... 21:29:19:406 1332 TDL3_StartIoHookCure: Number of patches 1 21:29:19:406 1332 KLMD_WriteMem: Trying to WriteMemory 0x8669F7F5[0x6] 21:29:19:406 1332 cured 21:29:19:406 1332 TDL3_FileDetect: Processing driver: atapi 21:29:19:406 1332 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\atapi.sys 21:29:19:406 1332 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\atapi.sys 21:29:19:406 1332 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\atapi.sys - Verdict: Clean 21:29:19:406 1332 21:29:19:406 1332 DetectCureTDL3: DEVICE_OBJECT: 8668CAB8 21:29:19:406 1332 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8668CAB8 21:29:19:406 1332 DetectCureTDL3: DEVICE_OBJECT: 8676A948 21:29:19:406 1332 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8676A948 21:29:19:406 1332 DetectCureTDL3: DEVICE_OBJECT: 86766940 21:29:19:406 1332 KLMD_GetLowerDeviceObject: Trying to get lower device object for 86766940 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0x86766940[0x38] 21:29:19:406 1332 DetectCureTDL3: DRIVER_OBJECT: 86769310 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0x86769310[0xA8] 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0x86698D98[0x38] 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0x8670BB60[0xA8] 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0xE1578280[0x1A] 21:29:19:406 1332 DetectCureTDL3: DRIVER_OBJECT name: \Driver\atapi, Driver Name: atapi 21:29:19:406 1332 DetectCureTDL3: IrpHandler (0) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (1) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (2) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (3) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (4) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (5) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (6) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (7) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler ( addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (9) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (10) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (11) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (12) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (13) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (14) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (15) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (16) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (17) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (18) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (19) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (20) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (21) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (22) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (23) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (24) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (25) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: IrpHandler (26) addr: 8669F841 21:29:19:406 1332 DetectCureTDL3: All IRP handlers pointed to one addr: 8669F841 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0x8669F841[0x400] 21:29:19:406 1332 TDL3_IrpHookDetect: CheckParameters: 4, FFDF0308, 333, 121, 3, 109 21:29:19:406 1332 Driver "atapi" Irp handler infected by TDSS rootkit ... 21:29:19:406 1332 KLMD_WriteMem: Trying to WriteMemory 0x8669F8BA[0xD] 21:29:19:406 1332 cured 21:29:19:406 1332 KLMD_ReadMem: Trying to ReadMemory 0x8669F6EC[0x400] 21:29:19:406 1332 TDL3_StartIoHookDetect: CheckParameters: 9, FFDF0308, 0 21:29:19:406 1332 TDL3_FileDetect: Processing driver: atapi 21:29:19:406 1332 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\atapi.sys 21:29:19:406 1332 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\atapi.sys 21:29:19:421 1332 TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\atapi.sys - Verdict: Infected 21:29:19:421 1332 File C:\WINDOWS\system32\DRIVERS\atapi.sys infected by TDSS rootkit ... 21:29:19:421 1332 TDL3_FileCure: Processing driver file: C:\WINDOWS\system32\DRIVERS\atapi.sys 21:29:19:421 1332 ProcessDirEnumEx: FindFirstFile(C:\WINDOWS\system32\DriverStore\FileRepository\*) error 3 21:29:19:437 1332 CABFileCallback: Processing cab-file: C:\WINDOWS\Driver Cache\i386\driver.cab 21:29:19:500 1332 CABFileCallback: Processing cab-file: C:\WINDOWS\Driver Cache\i386\sp1.cab 21:29:19:515 1332 CABFileCallback: Processing cab-file: C:\WINDOWS\Driver Cache\i386\sp2.cab 21:29:19:546 1332 CABFileCallback: Processing cab-file: C:\WINDOWS\Driver Cache\i386\sp3.cab 21:29:19:562 1332 CabinetCallback: Backup candidate found: atapi.sys:96512, extracting.. 21:29:19:625 1332 CabinetCallback: File extracted successfully: C:\DOCUME~1\Fabrice\LOCALS~1\Temp\bck33.tmp 21:29:19:625 1332 ValidateDriverFile: Stage 1 passed 21:29:19:625 1332 ValidateDriverFile: Stage 2 passed 21:29:19:703 1332 DigitalSignVerifyByHandle: Embedded DS result: 800B0100 21:29:19:953 1332 DigitalSignVerifyByHandle: Cat DS result: 00000000 21:29:19:968 1332 ValidateDriverFile: Stage 3 passed 21:29:19:968 1332 CabinetCallback: File validated successfully, restore information prepared 21:29:19:968 1332 FindDriverFileBackup: Backup copy found in cab-file 21:29:19:968 1332 TDL3_FileCure: Backup copy found, using it.. 21:29:19:968 1332 TDL3_FileCure: Dumping cured buffer to file C:\WINDOWS\system32\drivers\tsk34.tmp 21:29:20:031 1332 TDL3_FileCure: New / Old Image paths: (system32\drivers\tsk34.tmp, system32\drivers\atapi.sys) 21:29:20:031 1332 TDL3_FileCure: KLMD jobs schedule success 21:29:20:031 1332 will be cured on next reboot 21:29:20:031 1332 UtilityBootReinit: Reboot required for cure complete.. 21:29:20:031 1332 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\drivers\klmdb.sys) returned status 00000000 21:29:20:046 1332 UtilityBootReinit: KLMD drop success 21:29:20:046 1332 KLMD_ApplyPendList: Pending buffer(258A_343D, 608) dropped successfully 21:29:20:046 1332 UtilityBootReinit: Cure on reboot scheduled successfully 21:29:20:046 1332 21:29:20:046 1332 Completed 21:29:20:046 1332 21:29:20:046 1332 Results: 21:29:20:046 1332 Memory objects infected / cured / cured on reboot: 2 / 2 / 0 21:29:20:046 1332 Registry objects infected / cured / cured on reboot: 0 / 0 / 0 21:29:20:046 1332 File objects infected / cured / cured on reboot: 1 / 0 / 1 21:29:20:046 1332 21:29:20:046 1332 UnloadDriverW: NtUnloadDriver error 1 21:29:20:046 1332 KLMD_Unload: UnloadDriverW(klmd21) error 1 21:29:20:046 1332 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\drivers\klmd.sys) returned status 00000000 21:29:20:046 1332 UtilityDeinit: KLMD(ARK) unloaded successfully

Bonjour à tous ! Je transfère un post que j'ai mis ds la rubrique software et apparemment un zebulonien m'a dit que j'étais infesté et que je devais venir par ici, donc, je remets mon post original ainsi que les logs que j'ai faits avec RSIT.exe Si qq'un peut me donner un coup de main pour me dire par quoi je suis infesté et comment m'en débarrasser, ce sera vraiment très sympa de votre part ! Lien vers ancien post : http://forum.zebulon.fr/defaillance-dcom-t173160.html Voilà, j'ai un souci depuis quelques semaines. J'ai un message d'erreur système qui s'affiche de façon totalement aléatoire m'indiquant : "Arrêt du système - Le service Lanceur de processus serveur DCOM s'est terminé de manière inattendue. " Ensuite j'ai le compte à rebours de 60 secondes et le système redémarre. Alors bien évidemment ceci m'a fait penser à Blast ou Sasser MAIS : - J'ai XP sp3 (donc faille corrigée en principe dès le SP2) - Ce n'est pas le service RPC qui est défaillant mais bien DCOM - J'ai scanné tout le PC : Antivir, Scan en ligne, Ad-Aware, tous mis à jour et ils ne trouvent strictement rien . Alors pour éviter le reboot, je connaissais deja l'action "Executer - shutdown -a" mais cela ne résout en rien le problème puisque l'erreur peut revenir J'ai modifié dans les services la réponse en cas de défaillance, c'est à dire qu'au lieu de rebooter le système, j'ai indiquer de redémarrer le service (ca m'évite le shutdown) Seulement voilà, ca m'énerve d'avoir cette erreur, d'autant plus quej'ai d'autres symptomes qui sont arrivés plus ou moins en même temps, à savoir : - Des onglets pas des popuup !) publicitaires s'ouvrent avec Firefox (ce qui ne m'arrivait jamais avant) - MSN impossible de se connecter après l'erreur DCOM (mais bon cela est peut être normal..?) Enfin voilà, si quelqu'un avait une nouvelle piste à étudier, je suis preneur parce que là je sèche carrément. merci d'avance ! Les logs RSIT.exe : Voila les 2 fichiers log : Le 1er c est les fichier info.txt, le second c est le fichier log.txt Merci de votre aide ! info.txt logfile of random's system information tool 1.06 2010-01-30 12:44:34 ======Uninstall list====== -->"C:\Program Files\Creative\SBLive\Program\Ctzapxx.EXE" /X /U /S -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9 /remove -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 802.11g Wireless CardBus & PCI Adapter HW.15 V.1.00-->C:\Program Files\InstallShield Installation Information\{F266A90C-3F4A-4F65-9901-3DBBB0D77D80}\setup.exe -runfromtemp -l0x0409 Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001} Ad-Remover By C_XX-->"C:\Program Files\Ad-Remover\Uninstall ADR.exe" adsl TV-->C:\Program Files\adslTV\Uninstal.exe aMSN 0.97.2-->C:\Program Files\aMSN\uninstall.exe Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml" Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE AVS DVD Player version 2.4-->"C:\Program Files\AVS4YOU\AVSDVDPlayer\unins000.exe" AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManger\unins000.exe" AVS4YOU Software Navigator 1.3-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe" BitTorrent-->C:\Program Files\BitTorrent\uninst.exe Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}\Setup.exe" -l0x40c Brunin03.dll -removeonly CamfrogWEB Advanced ActiveX Plugin (remove only)-->"C:\Program Files\CFWebAdvancedU\Uninstall.exe" CamfrogWEB Advanced ActiveX Plugin (www.bobtv.fr)-->"C:\Program Files\CFWebAdvancedU_BOBTV.FR\Uninstall.exe" CCleaner-->"C:\Program Files\CCleaner\uninst.exe" CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe" chat-land-->"C:\Program Files\chat-land\unins000.exe" C-Media High Definition Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe Code de la Route-->MsiExec.exe /X{A37A26D5-8444-4862-933B-478371D0299D} Conseiller de mise à niveau vers Windows 7-->MsiExec.exe /I{4983AA07-81D0-4605-BF92-49A343056DC8} ddali-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\DDali\DeIsL1.isu" -c"C:\Program Files\DDali\_ISREG32.DLL" Defraggler-->"C:\Program Files\Defraggler\uninst.exe" Dietetik 5.3-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\GLD\Dietetik 5.3\DeIsL1.isu" -c"C:\Program Files\GLD\Dietetik 5.3\_ISREG32.DLL" DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN eMule-->"C:\Program Files\eMule\Uninstall.exe" EVEREST Ultimate Edition v5.01-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe" Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} GigaTribe 3.16-->"C:\Program Files\GigaTribe\unins000.exe" HD Tune 2.55-->"C:\Program Files\HD Tune\unins000.exe" HijackThis 2.0.2-->"C:\Documents and Settings\Fabrice\Bureau\Maintenance\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} IsoBuster 2.5.5-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe" Java™ 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Kill Process 5.0.0.5 (désinstaller seulement)-->"C:\Program Files\Kill Process\uninstall.exe" Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Live Downloader 1-->"C:\Program Files\Live Downloader\unins000.exe" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" ManyCam 2.4 (remove only)-->"C:\Program Files\ManyCam 2.4\uninstall.exe" Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe" Microsoft LifeCam-->MsiExec.exe /X{968D41C3-25BB-4632-A6DF-2E1C8F0143A4} Microsoft Money-->D:\Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft User-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWudf01007$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour pour Microsoft Windows (KB971513)-->"C:\WINDOWS\$NtUninstallKB971513$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe" Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Thunderbird (2.0.0.23)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96} Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296} Nokia Multimedia Common Components 2.4-->MsiExec.exe /I{6EB6C056-02BB-453E-8448-EC90B9794180} Nokia Music-->MsiExec.exe /I{DC432844-6914-4421-910C-F1B05B3A761C} Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_fre_web.exe Nokia PC Suite-->MsiExec.exe /I{3D39E775-DDDA-4327-B747-0BDC5F191331} NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI OpenOffice.org 3.1-->MsiExec.exe /I{B2E581DB-C4DD-432C-AC84-ED761AC056BC} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Package de pilotes Windows - Nokia Modem (06/01/2009 4.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_C08496D7A0050438DFE13C55799AE2D4157A8E7A\nokia_bluetooth.inf Package de pilotes Windows - Nokia Modem (06/01/2009 7.01.0.3)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_9C48E34C57B7D4AAE5FFF5FB9B476B538394FD30\nokbtmdm.inf Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037} Phyloboîte version 1.2.0.0 R2-->"C:\Program Files\phyloboite\unins000.exe" Phylogene V2.5.1-->"C:\INRP\Phylogene\unins000.exe" Phylogenia v.2.0-->C:\Program Files\Phylogenia v.2.0\Uninstal.exe play2p-->C:\Program Files\play2p\uninstall.exe PowerArchiver-->C:\Program Files\PowerArchiver\UNINST.EXE QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F} Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE} Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Sound Blaster AudioPCI 128-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Creative\CTSND\DeIsL1.isu" Sound Blaster Live! Web 2K/XP-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}\Setup.exe" -l0x9 StartupMonitor-->MsiExec.exe /I{76EFAC4F-1712-401F-B2AE-590B170C9BCE} System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe TeamViewer 5-->C:\Program Files\TeamViewer\Version5\uninstall.exe The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe" TV Orange 0.94-->"C:\Program Files\TV Orange\unins000.exe" Tweak UI-->"C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta" Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7} Update for Outlook 2007 Junk Email Filter (kb977839)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C568005C-5FC6-4C81-A664-BD136610A931} VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} Viewpoint Media Player (Remove Only)-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe -u Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7} WebcamMax-->"C:\Program Files\WebcamMax\uninst.exe" Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" winpcap-nmap 4.02-->"C:\Program Files\WinPcap\uninstall.exe" WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7} XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" Zeb-Utility 1.2-->C:\Program Files\Zeb-Utility\Uninstal.exe =====HijackThis Backups===== O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe [2009-11-21] O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun [2009-11-21] O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-11-21] O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-11-21] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cherche.us [2009-12-19] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.cherche.us/keyword/%s [2009-12-19] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cherche.us [2009-12-19] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.cherche.us/keyword/ [2009-12-19] O4 - HKLM\..\Run: [winternet] C:\Documents and Settings\Fabrice\winternet.exe [2009-12-19] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cherche.us [2009-12-19] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us [2009-12-19] O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-12-19] O4 - HKLM\..\Run: [WebcammaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" -a [2010-01-06] O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/maconfi...fig_3_5_0_0.cab [2010-01-06] O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL [2010-01-06] O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-01-06] O8 - Extra context menu item: Recherche avec cherche.us - C:\Documents and Settings\Fabrice\scriptjava.html [2010-01-06] O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-01-06] O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) [2010-01-06] O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) [2010-01-11] O15 - Trusted Zone: *.chat-land.org [2010-01-21] O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE [2010-01-29] O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [2010-01-29] O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 [2010-01-29] O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe [2010-01-29] O4 - S-1-5-21-789336058-329068152-725345543-1005 Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe (User '?') [2010-01-29] O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-01-29] O4 - Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe [2010-01-29] O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe [2010-01-29] O4 - HKLM\..\Run: [DevconDefaultDB] C:\WINDOWS\READREG /PSCONV={NO} /NO_DEFPS [2010-01-29] O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - http://bobtv.fr/download/cfweb_www.bobtv.f..._instmodule.exe [2010-01-29] O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) [2010-01-29] ======Security center information====== AV: AntiVir Desktop ======System event log====== Computer Name: SILMARIL-3RQ5TV Event Code: 7036 Message: Le service Windows Installer est entré dans l'état : arrêté. Record Number: 12644 Source Name: Service Control Manager Time Written: 20091229105002.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 7036 Message: Le service Windows Installer est entré dans l'état : en cours d'exécution. Record Number: 12643 Source Name: Service Control Manager Time Written: 20091229104938.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Windows Installer. Record Number: 12642 Source Name: Service Control Manager Time Written: 20091229104938.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: SILMARIL-3RQ5TV Event Code: 7034 Message: Le service Client Virtualization Handler s'est terminé de façon inattendue pour la 1ème fois. Record Number: 12641 Source Name: Service Control Manager Time Written: 20091229104809.000000+060 Event Type: erreur User: Computer Name: SILMARIL-3RQ5TV Event Code: 7036 Message: Le service Hôte de périphérique universel Plug-and-Play est entré dans l'état : en cours d'exécution. Record Number: 12640 Source Name: Service Control Manager Time Written: 20091229101852.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E8A.log. Record Number: 3769 Source Name: ESENT Time Written: 20091226132253.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E89.log. Record Number: 3768 Source Name: ESENT Time Written: 20091226132252.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E88.log. Record Number: 3767 Source Name: ESENT Time Written: 20091226132250.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E87.log. Record Number: 3766 Source Name: ESENT Time Written: 20091226132249.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E86.log. Record Number: 3765 Source Name: ESENT Time Written: 20091226132247.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel "PROCESSOR_REVISION"=0304 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "FP_NO_HOST_CHECK"=NO "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- Logfile of random's system information tool 1.06 (written by random/random) Run by Fabrice at 2010-01-30 12:44:09 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 37 GB (63%) free of 59 GB Total RAM: 1023 MB (55% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:44:30, on 30/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\devldr32.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\WINDOWS\vVX1000.exe C:\Program Files\Brother\Brmfcmon\BrMfimon.exe C:\WINDOWS\StartupMonitor.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe D:\Downloads Firefox\RSIT.exe C:\Documents and Settings\Fabrice\Bureau\Maintenance\Fabrice.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{A3409FF4-F625-4D06-AEB2-6865BCF01556}: NameServer = 192.168.1.1 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 4651 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\User_Feed_Synchronization-{FDF23347-F772-48BD-ACD0-6A319E123431}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-14 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-14 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-28 13684736] "nwiz"=nwiz.exe /install [] "Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 61952] "Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd [] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-01-07 1496968] "BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2006-06-28 622592] "LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912] "VX1000"=C:\WINDOWS\vVX1000.exe [2009-06-26 757248] "Jet Detection"=C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672] "Run StartupMonitor"=C:\WINDOWS\StartupMonitor.exe [2000-05-20 86016] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-28 86016] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe" "C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "D:\Downloads Firefox\Pack617Winks\installer\mcoinstall.exe"="D:\Downloads Firefox\Pack617Winks\installer\mcoinstall.exe:*:Enabled:mcoinstall" "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv" "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console" "C:\Program Files\play2p\play2p.exe"="C:\Program Files\play2p\play2p.exe:*:Disabled:play2p" "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Disabled:Skype Extras Manager" "C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Disabled:Teamviewer Remote Control Application" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Disabled:Windows Live Call" "C:\WINDOWS\system32\mcoinstall.exe"="C:\WINDOWS\system32\mcoinstall.exe:*:Disabled:mcoinstall" "D:\Downloads Firefox\mcoview.exe"="D:\Downloads Firefox\mcoview.exe:*:Disabled:mcoview" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Disabled:Windows Live FolderShare" "C:\Program Files\aMSN\bin\wish.exe"="C:\Program Files\aMSN\bin\wish.exe:*:Disabled:Wish Application" "E:\receptions GT\Emulateur DS + jeux[www.torrent411.com]\desmume_sse2.exe"="E:\receptions GT\Emulateur DS + jeux[www.torrent411.com]\desmume_sse2.exe:*:Disabled:desmume_sse2" "C:\Program Files\GigaTribe\gigatribe.exe"="C:\Program Files\GigaTribe\gigatribe.exe:*:Enabled:GigaTribe" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{01fe0511-4bcb-11de-a6bf-00110965e099}] shell\AutoRun\command - H:\start.exe shell\FramaKey\command - H:\start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e2b695b-44b6-11de-9163-00110965e099}] shell\AutoRun\command - nano/bananna.exe shell\explore\command - nano/bananna.exe shell\open\command - nano/bananna.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e4ad2ad6-8856-11de-a702-00110965e099}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe ======List of files/folders created in the last 1 months====== 2010-01-30 12:36:06 ----D---- C:\rsit 2010-01-30 08:45:32 ----A---- C:\WINDOWS\imsins.BAK 2010-01-30 08:45:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$ 2010-01-29 23:46:58 ----D---- C:\WINDOWS\NV1643460.TMP 2010-01-27 15:41:55 ----D---- C:\Program Files\DDali 2010-01-27 15:41:55 ----A---- C:\WINDOWS\system32\Vbrun300.dll 2010-01-27 15:35:00 ----D---- C:\Program Files\GLD 2010-01-27 15:34:47 ----A---- C:\WINDOWS\unin040c.exe 2010-01-21 01:31:28 ----D---- C:\Documents and Settings\Fabrice\Application Data\QuickScan 2010-01-18 22:59:40 ----D---- C:\Program Files\MSECache 2010-01-13 14:09:47 ----A---- C:\WINDOWS\system32\TweakUI.exe 2010-01-12 18:34:38 ----D---- C:\Documents and Settings\Fabrice\Application Data\Malwarebytes 2010-01-12 18:34:26 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-01-12 18:34:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-01-12 08:03:33 ----D---- C:\Program Files\Ad-Remover 2010-01-12 08:00:53 ----A---- C:\TB.txt 2010-01-06 15:17:35 ----D---- C:\WINDOWS\system32\NtmsData 2010-01-04 11:06:27 ----D---- C:\WINDOWS\SxsCaPendDel ======List of files/folders modified in the last 1 months====== 2010-01-30 12:43:56 ----SD---- C:\WINDOWS\Tasks 2010-01-30 12:43:46 ----D---- C:\WINDOWS\Temp 2010-01-30 12:42:06 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-30 12:41:47 ----A---- C:\WINDOWS\RTacDbg.txt 2010-01-30 12:41:46 ----D---- C:\WINDOWS 2010-01-30 12:39:33 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-01-30 11:48:19 ----D---- C:\Program Files\Mozilla Thunderbird 2010-01-30 09:30:37 ----D---- C:\Program Files\Mozilla Firefox 2010-01-30 08:51:01 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-01-30 08:51:01 ----D---- C:\WINDOWS\system32 2010-01-30 08:51:01 ----D---- C:\WINDOWS\system 2010-01-30 08:49:24 ----D---- C:\WINDOWS\security 2010-01-30 08:46:08 ----HD---- C:\WINDOWS\inf 2010-01-30 08:46:07 ----D---- C:\Program Files\Internet Explorer 2010-01-30 08:45:44 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-30 08:45:02 ----D---- C:\WINDOWS\system32\drivers 2010-01-30 08:44:00 ----D---- C:\WINDOWS\Prefetch 2010-01-30 00:19:43 ----D---- C:\WINDOWS\Help 2010-01-30 00:19:40 ----D---- C:\WINDOWS\nview 2010-01-29 20:29:22 ----D---- C:\WINDOWS\system32\LogFiles 2010-01-29 20:29:21 ----D---- C:\WINDOWS\Debug 2010-01-29 20:09:42 ----D---- C:\Program Files\CFWebAdvancedU 2010-01-27 17:24:25 ----A---- C:\WINDOWS\system32\lsdelete.exe 2010-01-27 15:41:55 ----RD---- C:\Program Files 2010-01-27 15:35:00 ----D---- C:\Program Files\Common Files 2010-01-22 07:15:24 ----D---- C:\Documents and Settings\Fabrice\Application Data\BitTorrent 2010-01-21 12:45:00 ----SHD---- C:\System Volume Information 2010-01-21 12:45:00 ----D---- C:\WINDOWS\system32\Restore 2010-01-20 13:05:19 ----D---- C:\Program Files\Microsoft Silverlight 2010-01-20 08:52:30 ----SHD---- C:\WINDOWS\Installer 2010-01-20 08:52:30 ----SHD---- C:\Config.Msi 2010-01-13 18:00:22 ----D---- C:\Program Files\Fichiers communs\Adobe 2010-01-13 18:00:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2010-01-13 09:01:06 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2010-01-13 06:51:16 ----D---- C:\WINDOWS\AppPatch 2010-01-09 21:14:09 ----D---- C:\WINDOWS\Registration 2010-01-08 16:28:16 ----A---- C:\Program Files\Fabrice.txt 2010-01-06 15:21:56 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-01-05 23:30:51 ----D---- C:\WINDOWS\Minidump 2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe 2010-01-04 11:05:52 ----D---- C:\Program Files\Microsoft Office 2010-01-04 11:05:52 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-01-04 11:05:50 ----D---- C:\WINDOWS\system32\wbem 2010-01-04 11:04:55 ----D---- C:\Documents and Settings\Fabrice\Application Data\SoftGrid Client 2010-01-02 20:40:12 ----D---- C:\Documents and Settings\Fabrice\Application Data\CamfrogWEB ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgntdd;avgntdd; C:\WINDOWS\SYSTEM32\DRIVERS\avgntdd.sys [2009-02-13 45416] R1 avipbb;avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 ssmdrv;ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [2009-07-13 28520] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2009-05-19 21035] R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-06-08 279712] R2 CAMTHWDM;WebcamMax, WDM Video Capture; C:\WINDOWS\system32\DRIVERS\CAMTHWDM.sys [2009-08-07 1053056] R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-05-20 25888] R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-07-06 34064] R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys [] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296] R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904] R3 emu10k1;Pilote du Gestionnaire d'interface Creative (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632] R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-08-30 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2009-03-28 6280416] R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992] R3 rtl8185;Realtek RTL8185 54M Wireless LAN Network Adapter Driver; C:\WINDOWS\System32\DRIVERS\rtl8185.sys [2007-02-02 306560] R3 sfman;Pilote du Gestionnaire SoundFont Creative (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480] R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2009-06-26 1956096] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948] S3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548] S3 ctljystk;Creative SBLive! Port de jeux; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712] S3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068] S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860] S3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604] S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004] S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016] S3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-01-27 1181328] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-28 163908] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-14 152984] S3 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096] S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-28 3100060] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336] S3 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952] S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] -----------------EOF-----------------

lol wé c tout bete ! @+

Merci Angélique de ta réponse, je ne sais pas comment transférer le post sur le section sécurité ....

Merci !!!!

Ok, j ai du rebooter et ca a marché ! Voila les 2 fichiers log : Le 1er c est les fichier info.txt, le second c est le fichier log.txt Merci de votre aide ! info.txt logfile of random's system information tool 1.06 2010-01-30 12:44:34 ======Uninstall list====== -->"C:\Program Files\Creative\SBLive\Program\Ctzapxx.EXE" /X /U /S -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9 /remove -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9 /remove -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 802.11g Wireless CardBus & PCI Adapter HW.15 V.1.00-->C:\Program Files\InstallShield Installation Information\{F266A90C-3F4A-4F65-9901-3DBBB0D77D80}\setup.exe -runfromtemp -l0x0409 Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001} Ad-Remover By C_XX-->"C:\Program Files\Ad-Remover\Uninstall ADR.exe" adsl TV-->C:\Program Files\adslTV\Uninstal.exe aMSN 0.97.2-->C:\Program Files\aMSN\uninstall.exe Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml" Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE AVS DVD Player version 2.4-->"C:\Program Files\AVS4YOU\AVSDVDPlayer\unins000.exe" AVS Update Manager 1.0-->"C:\Program Files\AVS4YOU\AVSUpdateManger\unins000.exe" AVS4YOU Software Navigator 1.3-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe" BitTorrent-->C:\Program Files\BitTorrent\uninst.exe Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}\Setup.exe" -l0x40c Brunin03.dll -removeonly CamfrogWEB Advanced ActiveX Plugin (remove only)-->"C:\Program Files\CFWebAdvancedU\Uninstall.exe" CamfrogWEB Advanced ActiveX Plugin (www.bobtv.fr)-->"C:\Program Files\CFWebAdvancedU_BOBTV.FR\Uninstall.exe" CCleaner-->"C:\Program Files\CCleaner\uninst.exe" CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe" chat-land-->"C:\Program Files\chat-land\unins000.exe" C-Media High Definition Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe Code de la Route-->MsiExec.exe /X{A37A26D5-8444-4862-933B-478371D0299D} Conseiller de mise à niveau vers Windows 7-->MsiExec.exe /I{4983AA07-81D0-4605-BF92-49A343056DC8} ddali-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\DDali\DeIsL1.isu" -c"C:\Program Files\DDali\_ISREG32.DLL" Defraggler-->"C:\Program Files\Defraggler\uninst.exe" Dietetik 5.3-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\GLD\Dietetik 5.3\DeIsL1.isu" -c"C:\Program Files\GLD\Dietetik 5.3\_ISREG32.DLL" DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN eMule-->"C:\Program Files\eMule\Uninstall.exe" EVEREST Ultimate Edition v5.01-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe" Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} GigaTribe 3.16-->"C:\Program Files\GigaTribe\unins000.exe" HD Tune 2.55-->"C:\Program Files\HD Tune\unins000.exe" HijackThis 2.0.2-->"C:\Documents and Settings\Fabrice\Bureau\Maintenance\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} IsoBuster 2.5.5-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe" Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Kill Process 5.0.0.5 (désinstaller seulement)-->"C:\Program Files\Kill Process\uninstall.exe" Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Live Downloader 1-->"C:\Program Files\Live Downloader\unins000.exe" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" ManyCam 2.4 (remove only)-->"C:\Program Files\ManyCam 2.4\uninstall.exe" Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe" Microsoft LifeCam-->MsiExec.exe /X{968D41C3-25BB-4632-A6DF-2E1C8F0143A4} Microsoft Money-->D:\Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft User-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWudf01007$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour pour Microsoft Windows (KB971513)-->"C:\WINDOWS\$NtUninstallKB971513$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe" Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Thunderbird (2.0.0.23)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96} Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296} Nokia Multimedia Common Components 2.4-->MsiExec.exe /I{6EB6C056-02BB-453E-8448-EC90B9794180} Nokia Music-->MsiExec.exe /I{DC432844-6914-4421-910C-F1B05B3A761C} Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_fre_web.exe Nokia PC Suite-->MsiExec.exe /I{3D39E775-DDDA-4327-B747-0BDC5F191331} NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI OpenOffice.org 3.1-->MsiExec.exe /I{B2E581DB-C4DD-432C-AC84-ED761AC056BC} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Package de pilotes Windows - Nokia Modem (06/01/2009 4.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_C08496D7A0050438DFE13C55799AE2D4157A8E7A\nokia_bluetooth.inf Package de pilotes Windows - Nokia Modem (06/01/2009 7.01.0.3)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_9C48E34C57B7D4AAE5FFF5FB9B476B538394FD30\nokbtmdm.inf Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037} Phyloboîte version 1.2.0.0 R2-->"C:\Program Files\phyloboite\unins000.exe" Phylogene V2.5.1-->"C:\INRP\Phylogene\unins000.exe" Phylogenia v.2.0-->C:\Program Files\Phylogenia v.2.0\Uninstal.exe play2p-->C:\Program Files\play2p\uninstall.exe PowerArchiver-->C:\Program Files\PowerArchiver\UNINST.EXE QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F} Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE} Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Sound Blaster AudioPCI 128-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Creative\CTSND\DeIsL1.isu" Sound Blaster Live! Web 2K/XP-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}\Setup.exe" -l0x9 StartupMonitor-->MsiExec.exe /I{76EFAC4F-1712-401F-B2AE-590B170C9BCE} System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe TeamViewer 5-->C:\Program Files\TeamViewer\Version5\uninstall.exe The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe" TV Orange 0.94-->"C:\Program Files\TV Orange\unins000.exe" Tweak UI-->"C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta" Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7} Update for Outlook 2007 Junk Email Filter (kb977839)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C568005C-5FC6-4C81-A664-BD136610A931} VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} Viewpoint Media Player (Remove Only)-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe -u Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7} WebcamMax-->"C:\Program Files\WebcamMax\uninst.exe" Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" winpcap-nmap 4.02-->"C:\Program Files\WinPcap\uninstall.exe" WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7} XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" Zeb-Utility 1.2-->C:\Program Files\Zeb-Utility\Uninstal.exe =====HijackThis Backups===== O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe [2009-11-21] O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun [2009-11-21] O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-11-21] O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-11-21] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cherche.us [2009-12-19] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.cherche.us/keyword/%s [2009-12-19] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cherche.us [2009-12-19] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.cherche.us/keyword/ [2009-12-19] O4 - HKLM\..\Run: [winternet] C:\Documents and Settings\Fabrice\winternet.exe [2009-12-19] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cherche.us [2009-12-19] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cherche.us [2009-12-19] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us [2009-12-19] O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-12-19] O4 - HKLM\..\Run: [WebcammaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" -a [2010-01-06] O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/maconfi...fig_3_5_0_0.cab [2010-01-06] O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL [2010-01-06] O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-01-06] O8 - Extra context menu item: Recherche avec cherche.us - C:\Documents and Settings\Fabrice\scriptjava.html [2010-01-06] O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-01-06] O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) [2010-01-06] O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) [2010-01-11] O15 - Trusted Zone: *.chat-land.org [2010-01-21] O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE [2010-01-29] O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [2010-01-29] O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 [2010-01-29] O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe [2010-01-29] O4 - S-1-5-21-789336058-329068152-725345543-1005 Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe (User '?') [2010-01-29] O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-01-29] O4 - Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe [2010-01-29] O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0..._instmodule.exe [2010-01-29] O4 - HKLM\..\Run: [DevconDefaultDB] C:\WINDOWS\READREG /PSCONV={NO} /NO_DEFPS [2010-01-29] O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - http://bobtv.fr/download/cfweb_www.bobtv.f..._instmodule.exe [2010-01-29] O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) [2010-01-29] ======Security center information====== AV: AntiVir Desktop ======System event log====== Computer Name: SILMARIL-3RQ5TV Event Code: 7036 Message: Le service Windows Installer est entré dans l'état : arrêté. Record Number: 12644 Source Name: Service Control Manager Time Written: 20091229105002.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 7036 Message: Le service Windows Installer est entré dans l'état : en cours d'exécution. Record Number: 12643 Source Name: Service Control Manager Time Written: 20091229104938.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Windows Installer. Record Number: 12642 Source Name: Service Control Manager Time Written: 20091229104938.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: SILMARIL-3RQ5TV Event Code: 7034 Message: Le service Client Virtualization Handler s'est terminé de façon inattendue pour la 1ème fois. Record Number: 12641 Source Name: Service Control Manager Time Written: 20091229104809.000000+060 Event Type: erreur User: Computer Name: SILMARIL-3RQ5TV Event Code: 7036 Message: Le service Hôte de périphérique universel Plug-and-Play est entré dans l'état : en cours d'exécution. Record Number: 12640 Source Name: Service Control Manager Time Written: 20091229101852.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E8A.log. Record Number: 3769 Source Name: ESENT Time Written: 20091226132253.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E89.log. Record Number: 3768 Source Name: ESENT Time Written: 20091226132252.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E88.log. Record Number: 3767 Source Name: ESENT Time Written: 20091226132250.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E87.log. Record Number: 3766 Source Name: ESENT Time Written: 20091226132249.000000+060 Event Type: Informations User: Computer Name: SILMARIL-3RQ5TV Event Code: 301 Message: Windows (1732) Windows: Le moteur de base de données commence la relecture du fichier journal C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS17E86.log. Record Number: 3765 Source Name: ESENT Time Written: 20091226132247.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel "PROCESSOR_REVISION"=0304 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "FP_NO_HOST_CHECK"=NO "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- Logfile of random's system information tool 1.06 (written by random/random) Run by Fabrice at 2010-01-30 12:44:09 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 37 GB (63%) free of 59 GB Total RAM: 1023 MB (55% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:44:30, on 30/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\devldr32.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\WINDOWS\vVX1000.exe C:\Program Files\Brother\Brmfcmon\BrMfimon.exe C:\WINDOWS\StartupMonitor.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe D:\Downloads Firefox\RSIT.exe C:\Documents and Settings\Fabrice\Bureau\Maintenance\Fabrice.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{A3409FF4-F625-4D06-AEB2-6865BCF01556}: NameServer = 192.168.1.1 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 4651 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\User_Feed_Synchronization-{FDF23347-F772-48BD-ACD0-6A319E123431}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-14 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-14 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-28 13684736] "nwiz"=nwiz.exe /install [] "Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 61952] "Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd [] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-01-07 1496968] "BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2006-06-28 622592] "LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912] "VX1000"=C:\WINDOWS\vVX1000.exe [2009-06-26 757248] "Jet Detection"=C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672] "Run StartupMonitor"=C:\WINDOWS\StartupMonitor.exe [2000-05-20 86016] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-28 86016] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" "C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe" "C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "D:\Downloads Firefox\Pack617Winks\installer\mcoinstall.exe"="D:\Downloads Firefox\Pack617Winks\installer\mcoinstall.exe:*:Enabled:mcoinstall" "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv" "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console" "C:\Program Files\play2p\play2p.exe"="C:\Program Files\play2p\play2p.exe:*:Disabled:play2p" "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer" "C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Disabled:Skype Extras Manager" "C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Disabled:Teamviewer Remote Control Application" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Disabled:Windows Live Call" "C:\WINDOWS\system32\mcoinstall.exe"="C:\WINDOWS\system32\mcoinstall.exe:*:Disabled:mcoinstall" "D:\Downloads Firefox\mcoview.exe"="D:\Downloads Firefox\mcoview.exe:*:Disabled:mcoview" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Disabled:Windows Live FolderShare" "C:\Program Files\aMSN\bin\wish.exe"="C:\Program Files\aMSN\bin\wish.exe:*:Disabled:Wish Application" "E:\receptions GT\Emulateur DS + jeux[www.torrent411.com]\desmume_sse2.exe"="E:\receptions GT\Emulateur DS + jeux[www.torrent411.com]\desmume_sse2.exe:*:Disabled:desmume_sse2" "C:\Program Files\GigaTribe\gigatribe.exe"="C:\Program Files\GigaTribe\gigatribe.exe:*:Enabled:GigaTribe" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{01fe0511-4bcb-11de-a6bf-00110965e099}] shell\AutoRun\command - H:\start.exe shell\FramaKey\command - H:\start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e2b695b-44b6-11de-9163-00110965e099}] shell\AutoRun\command - nano/bananna.exe shell\explore\command - nano/bananna.exe shell\open\command - nano/bananna.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e4ad2ad6-8856-11de-a702-00110965e099}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe ======List of files/folders created in the last 1 months====== 2010-01-30 12:36:06 ----D---- C:\rsit 2010-01-30 08:45:32 ----A---- C:\WINDOWS\imsins.BAK 2010-01-30 08:45:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$ 2010-01-29 23:46:58 ----D---- C:\WINDOWS\NV1643460.TMP 2010-01-27 15:41:55 ----D---- C:\Program Files\DDali 2010-01-27 15:41:55 ----A---- C:\WINDOWS\system32\Vbrun300.dll 2010-01-27 15:35:00 ----D---- C:\Program Files\GLD 2010-01-27 15:34:47 ----A---- C:\WINDOWS\unin040c.exe 2010-01-21 01:31:28 ----D---- C:\Documents and Settings\Fabrice\Application Data\QuickScan 2010-01-18 22:59:40 ----D---- C:\Program Files\MSECache 2010-01-13 14:09:47 ----A---- C:\WINDOWS\system32\TweakUI.exe 2010-01-12 18:34:38 ----D---- C:\Documents and Settings\Fabrice\Application Data\Malwarebytes 2010-01-12 18:34:26 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-01-12 18:34:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-01-12 08:03:33 ----D---- C:\Program Files\Ad-Remover 2010-01-12 08:00:53 ----A---- C:\TB.txt 2010-01-06 15:17:35 ----D---- C:\WINDOWS\system32\NtmsData 2010-01-04 11:06:27 ----D---- C:\WINDOWS\SxsCaPendDel ======List of files/folders modified in the last 1 months====== 2010-01-30 12:43:56 ----SD---- C:\WINDOWS\Tasks 2010-01-30 12:43:46 ----D---- C:\WINDOWS\Temp 2010-01-30 12:42:06 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-30 12:41:47 ----A---- C:\WINDOWS\RTacDbg.txt 2010-01-30 12:41:46 ----D---- C:\WINDOWS 2010-01-30 12:39:33 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-01-30 11:48:19 ----D---- C:\Program Files\Mozilla Thunderbird 2010-01-30 09:30:37 ----D---- C:\Program Files\Mozilla Firefox 2010-01-30 08:51:01 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-01-30 08:51:01 ----D---- C:\WINDOWS\system32 2010-01-30 08:51:01 ----D---- C:\WINDOWS\system 2010-01-30 08:49:24 ----D---- C:\WINDOWS\security 2010-01-30 08:46:08 ----HD---- C:\WINDOWS\inf 2010-01-30 08:46:07 ----D---- C:\Program Files\Internet Explorer 2010-01-30 08:45:44 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-30 08:45:02 ----D---- C:\WINDOWS\system32\drivers 2010-01-30 08:44:00 ----D---- C:\WINDOWS\Prefetch 2010-01-30 00:19:43 ----D---- C:\WINDOWS\Help 2010-01-30 00:19:40 ----D---- C:\WINDOWS\nview 2010-01-29 20:29:22 ----D---- C:\WINDOWS\system32\LogFiles 2010-01-29 20:29:21 ----D---- C:\WINDOWS\Debug 2010-01-29 20:09:42 ----D---- C:\Program Files\CFWebAdvancedU 2010-01-27 17:24:25 ----A---- C:\WINDOWS\system32\lsdelete.exe 2010-01-27 15:41:55 ----RD---- C:\Program Files 2010-01-27 15:35:00 ----D---- C:\Program Files\Common Files 2010-01-22 07:15:24 ----D---- C:\Documents and Settings\Fabrice\Application Data\BitTorrent 2010-01-21 12:45:00 ----SHD---- C:\System Volume Information 2010-01-21 12:45:00 ----D---- C:\WINDOWS\system32\Restore 2010-01-20 13:05:19 ----D---- C:\Program Files\Microsoft Silverlight 2010-01-20 08:52:30 ----SHD---- C:\WINDOWS\Installer 2010-01-20 08:52:30 ----SHD---- C:\Config.Msi 2010-01-13 18:00:22 ----D---- C:\Program Files\Fichiers communs\Adobe 2010-01-13 18:00:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2010-01-13 09:01:06 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2010-01-13 06:51:16 ----D---- C:\WINDOWS\AppPatch 2010-01-09 21:14:09 ----D---- C:\WINDOWS\Registration 2010-01-08 16:28:16 ----A---- C:\Program Files\Fabrice.txt 2010-01-06 15:21:56 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-01-05 23:30:51 ----D---- C:\WINDOWS\Minidump 2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe 2010-01-04 11:05:52 ----D---- C:\Program Files\Microsoft Office 2010-01-04 11:05:52 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-01-04 11:05:50 ----D---- C:\WINDOWS\system32\wbem 2010-01-04 11:04:55 ----D---- C:\Documents and Settings\Fabrice\Application Data\SoftGrid Client 2010-01-02 20:40:12 ----D---- C:\Documents and Settings\Fabrice\Application Data\CamfrogWEB ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgntdd;avgntdd; C:\WINDOWS\SYSTEM32\DRIVERS\avgntdd.sys [2009-02-13 45416] R1 avipbb;avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 ssmdrv;ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [2009-07-13 28520] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2009-05-19 21035] R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-06-08 279712] R2 CAMTHWDM;WebcamMax, WDM Video Capture; C:\WINDOWS\system32\DRIVERS\CAMTHWDM.sys [2009-08-07 1053056] R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-05-20 25888] R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-07-06 34064] R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys [] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296] R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904] R3 emu10k1;Pilote du Gestionnaire d'interface Creative (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632] R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-08-30 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2009-03-28 6280416] R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992] R3 rtl8185;Realtek RTL8185 54M Wireless LAN Network Adapter Driver; C:\WINDOWS\System32\DRIVERS\rtl8185.sys [2007-02-02 306560] R3 sfman;Pilote du Gestionnaire SoundFont Creative (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480] R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2009-06-26 1956096] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948] S3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548] S3 ctljystk;Creative SBLive! Port de jeux; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712] S3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068] S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860] S3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604] S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004] S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-17 113664] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016] S3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-01-27 1181328] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-28 163908] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-14 152984] S3 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096] S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-28 3100060] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336] S3 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952] S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] -----------------EOF-----------------

Eh petit problème, quand je double clique sur "continuer", j'ai un message d'erreur : "Autolt Error - Line -1 : Error : Variable used withour being declared" ????

Merci Tibonhomme, Je vais faire ce que m'indiques et je post le log ensuite.

Bonjour à tous ! Voilà, j'ai un souci depuis quelques semaines. J'ai un message d'erreur système qui s'affiche de façon totalement aléatoire m'indiquant : "Arrêt du système - Le service Lanceur de processus serveur DCOM s'est terminé de manière inattendue. " Ensuite j'ai le compte à rebours de 60 secondes et le système redémarre. Alors bien évidemment ceci m'a fait penser à Blast ou Sasser MAIS : - J'ai XP sp3 (donc faille corrigée en principe dès le SP2) - Ce n'est pas le service RPC qui est défaillant mais bien DCOM - J'ai scanné tout le PC : Antivir, Scan en ligne, Ad-Aware, tous mis à jour et ils ne trouvent strictement rien . Alors pour éviter le reboot, je connaissais deja l'action "Executer - shutdown -a" mais cela ne résout en rien le problème puisque l'erreur peut revenir J'ai modifié dans les services la réponse en cas de défaillance, c'est à dire qu'au lieu de rebooter le système, j'ai indiquer de redémarrer le service (ca m'évite le shutdown) Seulement voilà, ca m'énerve d'avoir cette erreur, d'autant plus quej'ai d'autres symptomes qui sont arrivés plus ou moins en même temps, à savoir : - Des onglets pas des popuup !) publicitaires s'ouvrent avec Firefox (ce qui ne m'arrivait jamais avant) - MSN impossible de se connecter après l'erreur DCOM (mais bon cela est peut être normal..?) Enfin voilà, si quelqu'un avait une nouvelle piste à étudier, je suis preneur parce que là je sèche carrément. merci d'avance !

Bon, j ai avancé. Concernant le ventilo , en fait c était juste une etiquette qui s etait decollée et qui frottait sur les pales du ventilo .... Ouf Par contre, je suis toujours intéressé par vos réponses concernant mon DD. @+

Salut GritnatZ ! Bon alors ma SoubndBlaster est deja en unité par défaut. Dans le Bios, j ai rien qui correspond au chipset intégré et pour ce qui est de reinstaller les pilotes de la SB, j ai essayé mais quand je mets le CD, le setup me dit qu'il n'y a pas de périphériques Soundblaster, alors qu'elle émet et qu elle est reconnue dans le gestionnaire de périphérique ..... ???? bizarre non ? @+

Bon, j en ai eu marre et j ai desinstallé et reinstallé la carte son. Bizarrement tout refonctionne meme si j ai mes enceintes centre et AR qui emettent pas .... Bon pour le moment ça ira .... J ai pas la solution a mon probleme, et même si j aime pas ça, je v faire avec.... Au cas où vs auriez d autres iodées, je suis toujours preneur ..... @+

Je me permets de "upper" le sujet car je trouve tjrs pas de réponses ! J'ai donc tjrs pas de son dans youtube, dailmymotion, .... pour toutes les autres applications le son fonctionne nickel ! EDIT Bon, je crois que j'ai une piste. J ai une carte son Sound Blaster Live! et sur ma CM j ai aussi un chipset son intégré. Je pense qu'il doit y avoit un souci a ce niveau. JE vais essayer d etre clair : Actuellement, j ai ma prise jack qui va vers mon ampli DVD et mes enceintes 5.1 qui est connectée à la Sound Blaster etcomme je disais j ai du son partout sauf sur youtube, dailymotion, .... J ai débrancher la jack de la SoundBlaster et je l ai rebranchée sur la prise noire de mon chipset intégré. Là, je retrouve le son sur Youtube par ex, par contre je n'ai plus de son quand j'écoute mes mp3 ou mes divX par contre si je rebranche la jack sur la prise verte de la soundblaster, j ai a nouveau les mes musiques mais je n'ai plus de son sur youtube... Alors ? je sais que tout ça apparait bien brouillon, mais je sens que je m approche d'une piste non ?? Qu en pensez vous ??? Ca semble plus être un probleme matériel que software non ? @+

Re ! Bon apparemment pas bcp de pistes pour ce mystérieux problème. J'ai réfléchi à ce que j'avais pu faire pour que ça ne marche plus. La seule chose que je vois c est que j ai mis le plugion de flash player à jour ds firefox. Est ce que ca pourrait venir de là ? A un moment j ai pensé qu il lisait plus les wav et flv mais si je vais directement ds Windows/medias, là où y a les sons, je peux les lire avec realplayer donc ça vient pas de là....???? Ca me gave de plus pouvoir utiliser ni dailymotion, ni youtube. J ai essayé de téléchargé un clip de youtube avec le plugin de real, j obtiens donc un fichier flv. J ai l image pmais tjrs pas le son... SVP help me !! @+