gnnnee

Bonjour, Depuis longtemps le message "Exception Processing Message ...." apparait. Mon problème s'est aggravé dernièrement en voulant installer Real Player. Cette fenêtre apparait maintenant très souvent (ouverture de Winamp, Acrobat Reader) et a empêcher l'intallation-même de Real Player (télécharger sur le site officiel). Sur un autre forum de Zebulon, qqn a supposé que j'étais infecté. pff ! HIJACK THIS Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:01:21, on 30/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: H:\WINDOWS\System32\smss.exe H:\WINDOWS\system32\winlogon.exe H:\WINDOWS\system32\services.exe H:\WINDOWS\system32\lsass.exe H:\WINDOWS\system32\svchost.exe H:\WINDOWS\System32\svchost.exe H:\WINDOWS\system32\spoolsv.exe H:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe H:\WINDOWS\Explorer.EXE H:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe H:\WINDOWS\system32\RUNDLL32.EXE H:\WINDOWS\RTHDCPL.EXE H:\Programme\QuickTime\qttask.exe H:\Programme\Java\jre1.6.0_01\bin\jusched.exe H:\Programme\Winamp\winampa.exe H:\WINDOWS\V0330Mon.exe H:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe H:\WINDOWS\system32\ctfmon.exe H:\Programme\NVIDIA Corporation\nTune\nTuneService.exe H:\Programme\Windows Live\Messenger\MsnMsgr.Exe H:\WINDOWS\system32\nvsvc32.exe H:\Programme\Skype\Phone\Skype.exe H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe H:\WINDOWS\System32\svchost.exe H:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE H:\Programme\Philips\SA28XX Device Manager\main.exe H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe H:\Programme\Skype\Plugin Manager\skypePM.exe H:\Programme\Windows Live\Messenger\usnsvc.exe H:\Programme\Mozilla Thunderbird\thunderbird.exe H:\Programme\Mozilla Firefox\firefox.exe H:\Programme\Adobe\Acrobat 5.0\Reader\AcroRd32.exe h:\programme\avira\antivir personaledition classic\avcenter.exe H:\Programme\Avira\AntiVir PersonalEdition Classic\avscan.exe H:\Programme\Winamp\winamp.exe H:\Programme\Last.fm\LastFM.exe H:\Programme\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - H:\Programme\BarreConfCMCIC\TAPBar.dll O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - H:\Programme\BarreConfCMCIC\TAPBar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NVIDIA nTune] "H:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Netcom] "H:\PROGRA~1\Netcom\Netcom.exe" O4 - HKLM\..\Run: [Eye On Network] H:\Programme\Eye On Network\Eye On Network.exe O4 - HKLM\..\Run: [QuickTime Task] "H:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "H:\Programme\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [NetStat Live] H:\Programme\AnalogX\NetStat Live\nsl.exe O4 - HKLM\..\Run: [WinampAgent] H:\Programme\Winamp\winampa.exe O4 - HKLM\..\Run: [V0330Mon.exe] H:\WINDOWS\V0330Mon.exe O4 - HKLM\..\Run: [avgnt] "H:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [TkBellExe] "H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "H:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [AlcoholAutomount] "H:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [skype] "H:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Yahoo! Pager] "H:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Philips Gestionnaire de périphériques.lnk = H:\Programme\Philips\SA28XX Device Manager\main.exe O8 - Extra context menu item: Ouvrir avec GetRight - H:\Programme\GetRight\GRbrowse.htm O8 - Extra context menu item: Télecharger avec GetRight - H:\Programme\GetRight\GRdownload.htm O8 - Extra context menu item: Télécharger en utilisant Download &Express - H:\Programme\Download Express\Add_Url.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programme\Messenger\msmsgs.exe O12 - Plugin for .spop: H:\Programme\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - H:\Programme\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sylvainmorel.spaces.live.com//Photo...ad/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1176829598420 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://static.ak.studivz.net/photouploader...geUploader4.cab O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp07.photoprintit.de/microsite/346...IPSUploader.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/...15102/CTPID.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - H:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - H:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Boonty Games - BOONTY - H:\Programme\Gemeinsame Dateien\BOONTY Shared\Service\Boonty.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - H:\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - H:\Programme\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe -- End of file - 9137 bytes Merci d'avance !!! Sylvain

Dans mon cas, ce message apparait aussi à l'ouverture de Winamp par exemple, et depuis peu à l'ouverture d' Acrobat Reader. Si vous pouviez me traduire ceci : RAPPORT HIJACK THIS : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:07:19, on 30/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: H:\WINDOWS\System32\smss.exe H:\WINDOWS\system32\winlogon.exe H:\WINDOWS\system32\services.exe H:\WINDOWS\system32\lsass.exe H:\WINDOWS\system32\svchost.exe H:\WINDOWS\System32\svchost.exe H:\WINDOWS\system32\spoolsv.exe H:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe H:\WINDOWS\Explorer.EXE H:\WINDOWS\system32\RUNDLL32.EXE H:\WINDOWS\RTHDCPL.EXE H:\Programme\QuickTime\qttask.exe H:\Programme\Java\jre1.6.0_01\bin\jusched.exe H:\Programme\Winamp\winampa.exe H:\WINDOWS\V0330Mon.exe H:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe H:\WINDOWS\system32\ctfmon.exe H:\Programme\Windows Live\Messenger\MsnMsgr.Exe H:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe H:\Programme\Skype\Phone\Skype.exe H:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe H:\Programme\Philips\SA28XX Device Manager\main.exe H:\Programme\NVIDIA Corporation\nTune\nTuneService.exe H:\WINDOWS\system32\nvsvc32.exe H:\WINDOWS\System32\svchost.exe H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe H:\Programme\Skype\Plugin Manager\skypePM.exe H:\Programme\Windows Live\Messenger\usnsvc.exe H:\DOKUME~1\Sylvain\LOKALE~1\Temp\rninst~2\RealPlayer11GOLD.exe H:\Programme\Mozilla Firefox\firefox.exe H:\Programme\Winamp\winamp.exe H:\Programme\Last.fm\LastFM.exe H:\Programme\Mozilla Thunderbird\thunderbird.exe H:\Programme\BitLord\BitLord.exe H:\Programme\Adobe\Acrobat 5.0\Reader\AcroRd32.exe H:\Programme\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - H:\Programme\BarreConfCMCIC\TAPBar.dll O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - H:\Programme\BarreConfCMCIC\TAPBar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NVIDIA nTune] "H:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Netcom] "H:\PROGRA~1\Netcom\Netcom.exe" O4 - HKLM\..\Run: [Eye On Network] H:\Programme\Eye On Network\Eye On Network.exe O4 - HKLM\..\Run: [QuickTime Task] "H:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "H:\Programme\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [NetStat Live] H:\Programme\AnalogX\NetStat Live\nsl.exe O4 - HKLM\..\Run: [WinampAgent] H:\Programme\Winamp\winampa.exe O4 - HKLM\..\Run: [V0330Mon.exe] H:\WINDOWS\V0330Mon.exe O4 - HKLM\..\Run: [avgnt] "H:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [TkBellExe] "H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "H:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [AlcoholAutomount] "H:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [skype] "H:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Yahoo! Pager] "H:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Philips Gestionnaire de périphériques.lnk = H:\Programme\Philips\SA28XX Device Manager\main.exe O8 - Extra context menu item: Ouvrir avec GetRight - H:\Programme\GetRight\GRbrowse.htm O8 - Extra context menu item: Télecharger avec GetRight - H:\Programme\GetRight\GRdownload.htm O8 - Extra context menu item: Télécharger en utilisant Download &Express - H:\Programme\Download Express\Add_Url.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programme\Messenger\msmsgs.exe O12 - Plugin for .spop: H:\Programme\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - H:\Programme\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sylvainmorel.spaces.live.com//Photo...ad/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1176829598420 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://static.ak.studivz.net/photouploader...geUploader4.cab O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp07.photoprintit.de/microsite/346...IPSUploader.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/...15102/CTPID.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - H:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - H:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Boonty Games - BOONTY - H:\Programme\Gemeinsame Dateien\BOONTY Shared\Service\Boonty.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - H:\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - H:\Programme\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe -- End of file - 8973 bytes MERCI MERCI

A priori, je vais opter pour la deuxième option. Mais je n'ai tout bien compris le passage sur la réinstallation des ports USB. Surtout que cette partie me concerne d'autant plus que je n'ai pas de lecteur de disquettes. Pouvez-vous être plus précis ? " réinstallé le lecteur de carte par dessus sans désinstalé et activés par la suite celui ci depusi la console plus de soucis. " Je vois plus ou moins de quoi il peut s'agir mais bon ... Merci en tous cas pour votre réponse rapide ! Sylvain

Bonjour à vous, Ce message apparait principalement lorsque je souhaite installer, voire démarrer un logiciel. Cette fois-ci, j'installais la dernière version de Real Player. Je n'ai pas pu terminer car ce message pop up sans cesse. Merci par avance Sylvain

Bonjour à vous ! Je dispose d'un compte Rapidshare Premium. Cela a bien fonctionné pendant un moment. Puis j'ai du faire qq changements et maintenant que je souhaite ré-installer Rapidshare Manager, voici le message qui s'affiche : "Exception has been thrown by a target of an invocation" Et là, je suis bien dans la mouiz ... cordialement, Sylvain

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:19:36, on 23/07/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: H:\WINDOWS\System32\smss.exe H:\WINDOWS\system32\winlogon.exe H:\WINDOWS\system32\services.exe H:\WINDOWS\system32\lsass.exe H:\WINDOWS\system32\svchost.exe H:\WINDOWS\System32\svchost.exe H:\WINDOWS\system32\spoolsv.exe H:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe H:\WINDOWS\Explorer.EXE H:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe H:\Programme\NVIDIA Corporation\nTune\nTuneService.exe H:\WINDOWS\system32\RUNDLL32.EXE H:\WINDOWS\RTHDCPL.EXE H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe H:\Programme\QuickTime\qttask.exe H:\Programme\Java\jre1.6.0_01\bin\jusched.exe H:\Programme\Winamp\winampa.exe H:\WINDOWS\V0330Mon.exe H:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe H:\WINDOWS\system32\ctfmon.exe H:\Programme\Windows Live\Messenger\MsnMsgr.Exe H:\Programme\Internet Download Manager\IDMan.exe H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe H:\Programme\Skype\Phone\Skype.exe H:\WINDOWS\system32\nvsvc32.exe H:\WINDOWS\System32\svchost.exe H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe H:\Programme\Philips\SA28XX Device Manager\main.exe H:\Programme\MagicDisc\MagicDisc.exe H:\Programme\Skype\Plugin Manager\skypePM.exe H:\Programme\Eidos\L'Entraîneur 2008\CM2008.exe H:\Programme\Internet Download Manager\IEMonitor.exe H:\Programme\Windows Live\Messenger\usnsvc.exe H:\Programme\Mozilla Thunderbird\thunderbird.exe H:\PROGRA~1\MOZILL~2\FIREFOX.EXE H:\Programme\Winamp\winamp.exe H:\Programme\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - H:\Programme\Internet Download Manager\IDMIECC.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - H:\Programme\BarreConfCMCIC\TAPBar.dll O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - H:\Programme\BarreConfCMCIC\TAPBar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NVIDIA nTune] "H:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [TkBellExe] "H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Netcom] "H:\PROGRA~1\Netcom\Netcom.exe" O4 - HKLM\..\Run: [Eye On Network] H:\Programme\Eye On Network\Eye On Network.exe O4 - HKLM\..\Run: [QuickTime Task] "H:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "H:\Programme\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NetStat Live] H:\Programme\AnalogX\NetStat Live\nsl.exe O4 - HKLM\..\Run: [WinampAgent] H:\Programme\Winamp\winampa.exe O4 - HKLM\..\Run: [V0330Mon.exe] H:\WINDOWS\V0330Mon.exe O4 - HKLM\..\Run: [avgnt] "H:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "H:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [AlcoholAutomount] "H:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [iDMan] H:\Programme\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [skype] "H:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: MagicDisc.lnk = H:\Programme\MagicDisc\MagicDisc.exe O4 - Global Startup: Philips Gestionnaire de périphériques.lnk = H:\Programme\Philips\SA28XX Device Manager\main.exe O8 - Extra context menu item: Download all links with IDM - H:\Programme\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download FLV video content with IDM - H:\Programme\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Download with IDM - H:\Programme\Internet Download Manager\IEExt.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programme\Messenger\msmsgs.exe O12 - Plugin for .spop: H:\Programme\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sylvainmorel.spaces.live.com//Photo...ad/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1176829598420 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://static.ak.studivz.net/photouploader...geUploader4.cab O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp07.photoprintit.de/microsite/346...IPSUploader.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/...15102/CTPID.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - H:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - H:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Boonty Games - BOONTY - H:\Programme\Gemeinsame Dateien\BOONTY Shared\Service\Boonty.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - H:\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - H:\Programme\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe -- End of file - 8998 bytes

Bonjour et voilà ! rapport MBAM Malwarebytes' Anti-Malware 1.22 Version de la base de données: 977 Windows 5.1.2600 Service Pack 2 13:29:22 22/07/2008 mbam-log-7-22-2008 (13-29-22).txt Type de recherche: Examen rapide Eléments examinés: 39479 Temps écoulé: 12 minute(s), 41 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 7 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\Interface\{4937d5d1-2039-409a-bd83-fec9b39b2356} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{caf9d798-c659-4b9b-8e19-ee27c3d04ee7} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{15c7d7ad-a87a-4c0d-9d8b-637fcd3488ef} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\bhonew.bho (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\bhonew.bho.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7d76d0eb-ae56-4df4-affc-20aff4344ac6} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7d76d0eb-ae56-4df4-affc-20aff4344ac6} (Trojan.FakeAlert) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{6ae02e1c-8859-4f57-9097-5a55a56a4caf} (Adware.BHO) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): H:\Programme\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.

bonsoir ! (non, je n'ai pas peur) TB.txt -----------\\ ToolBar S&D 1.0.6 XP/Vista [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ] [ USER : Sylvain ] [ "H:\Toolbar SD" ] [ Selection : 1 ] [ 21/07/2008 | 22:51:55,64 ] [ PC : SYLVAIN-VJS44CZ ] [ MAJ : 18-07-2008 | 20:45 ] -----------\\ Recherche de Fichiers / Dossiers ... H:\DOKUME~1\Sylvain\Cookies\[email protected][1].txt H:\DOKUME~1\Sylvain\LOKALE~1\TEMPOR~1\content.IE5\02RJYE9J\kdr_srch_bottombar[1].jpg H:\DOKUME~1\Sylvain\LOKALE~1\TEMPOR~1\content.IE5\02RJYE9J\kdr_srch_upper_left_corner[1].jpg H:\DOKUME~1\Sylvain\LOKALE~1\TEMPOR~1\content.IE5\M3LXHVIA\addyn%7C3[1].0%7C516%7C1279344%7C0%7C170%7CADTECH;loc=100;target=_blank;key=key1+key2+key3+key4;grp=[group];misc=12132110 88484 -----------\\ Extensions (Sylvain) - {0b38152b-1b20-484d-a11f-5e04a9b0661f} => winamptoolbar (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ca (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-cs (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-da (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-de (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-en-US (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-es-AR (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-es-ES (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-eu (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-fr (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ga-IE (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-hu (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-it (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ja-JP-mac (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ja (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ka (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ko (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-lt (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-mk (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nb-NO (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-nl (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pl (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pt-BR (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-pt-PT (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-ru (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sk (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sl (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-sv-SE (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-tr (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-uk (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar-zh-CN (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => calendar (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ca (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-cs (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-da (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-de (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-en-US (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-es-AR (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-es-ES (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-eu (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-fr (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ga-IE (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-hu (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-it (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ja-JP-mac (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ja (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ka (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ko (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-lt (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-mk (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nb-NO (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-nl (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pl (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pt-BR (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-pt-PT (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-ru (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sk (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sl (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-sv-SE (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-tr (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-uk (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning-zh-CN (Sylvain) - {e2fda1a4-762b-4020-b5ad-a41df1933103} => lightning -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="H:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.google.be/" "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" "Url"="http://go.microsoft.com/fwlink/?LinkId=68928" "Url"="http://go.microsoft.com/fwlink/?LinkId=68929" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" -----------\\ Fin du rapport a 22:53:25,82

Bonjour à vous, Lorsque j'ouvre un dossier depuis l'explorateur, une fenêtre internet s'ouvre automatiquement blabla bla etc ... Qu'est-ce qui m'arrive docteur ? Main.txt Deckard's System Scanner v20071014.68 Run by Sylvain on 2008-07-21 10:08:13 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 84: 2008-07-21 08:08:22 UTC - RP472 - Deckard's System Scanner Restore Point 83: 2008-07-20 14:55:55 UTC - RP471 - Systemprüfpunkt 82: 2008-07-19 12:05:41 UTC - RP470 - Installé Creative Software AutoUpdate 81: 2008-07-19 12:01:07 UTC - RP469 - Installé Creative WebCam 80: 2008-07-19 12:00:28 UTC - RP468 - Installé Creative System Information -- First Restore Point -- 1: 2008-04-22 08:58:27 UTC - RP389 - Systemprüfpunkt Backed up registry hives. Performed disk cleanup. Total Physical Memory: 447 MiB (512 MiB recommended). -- HijackThis (run as Sylvain.exe) --------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:10:16, on 21/07/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: H:\WINDOWS\System32\smss.exe H:\WINDOWS\system32\winlogon.exe H:\WINDOWS\system32\services.exe H:\WINDOWS\system32\lsass.exe H:\WINDOWS\system32\svchost.exe H:\WINDOWS\System32\svchost.exe H:\Programme\Alwil Software\Avast4\aswUpdSv.exe H:\Programme\Alwil Software\Avast4\ashServ.exe H:\WINDOWS\system32\spoolsv.exe H:\WINDOWS\Explorer.EXE H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe H:\Programme\NVIDIA Corporation\nTune\nTuneService.exe H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe H:\WINDOWS\system32\RUNDLL32.EXE H:\WINDOWS\system32\nvsvc32.exe H:\WINDOWS\System32\svchost.exe H:\WINDOWS\RTHDCPL.EXE H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe H:\Programme\QuickTime\qttask.exe H:\Programme\Musicmatch\Musicmatch Jukebox\mm_tray.exe H:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe H:\Programme\Java\jre1.6.0_01\bin\jusched.exe H:\Programme\Winamp\winampa.exe H:\WINDOWS\V0330Mon.exe H:\WINDOWS\system32\ctfmon.exe H:\Programme\Windows Live\Messenger\MsnMsgr.Exe H:\Programme\Internet Download Manager\IDMan.exe H:\Programme\Skype\Phone\Skype.exe H:\Programme\Alwil Software\Avast4\ashMaiSv.exe H:\Programme\Alwil Software\Avast4\ashWebSv.exe H:\Programme\Philips\SA28XX Device Manager\main.exe H:\Programme\MagicDisc\MagicDisc.exe H:\Programme\Internet Download Manager\IEMonitor.exe H:\Programme\Windows Live\Messenger\usnsvc.exe H:\Dokumente und Einstellungen\Sylvain\Eigene Dateien\Downloads\Programs\dss.exe H:\PROGRA~1\TRENDM~1\HIJACK~1\Sylvain.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - H:\Programme\Internet Download Manager\IDMIECC.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - H:\Programme\Winamp Toolbar\winamptb.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: search toolbar - {7D76D0EB-AE56-4DF4-AFFC-20AFF4344AC6} - H:\WINDOWS\system32\tbrsrch.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - H:\Programme\BarreConfCMCIC\TAPBar.dll O2 - BHO: TBSB05587 - {BA94E628-6A42-40E4-9B65-E729711DD3FE} - H:\Programme\YooBarre\yoobarre.dll O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - H:\Programme\BarreConfCMCIC\TAPBar.dll O3 - Toolbar: YooBarre - {6AE02E1C-8859-4F57-9097-5A55A56A4CAF} - H:\Programme\YooBarre\yoobarre.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - H:\Programme\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NVIDIA nTune] "H:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [TkBellExe] "H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Netcom] "H:\PROGRA~1\Netcom\Netcom.exe" O4 - HKLM\..\Run: [Eye On Network] H:\Programme\Eye On Network\Eye On Network.exe O4 - HKLM\..\Run: [QuickTime Task] "H:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MMTray] "H:\Programme\Musicmatch\Musicmatch Jukebox\mm_tray.exe" O4 - HKLM\..\Run: [mmtask] "H:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "H:\Programme\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NetStat Live] H:\Programme\AnalogX\NetStat Live\nsl.exe O4 - HKLM\..\Run: [WinampAgent] H:\Programme\Winamp\winampa.exe O4 - HKLM\..\Run: [V0330Mon.exe] H:\WINDOWS\V0330Mon.exe O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "H:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [AlcoholAutomount] "H:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [iDMan] H:\Programme\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [skype] "H:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: MagicDisc.lnk = H:\Programme\MagicDisc\MagicDisc.exe O4 - Global Startup: Philips Gestionnaire de périphériques.lnk = H:\Programme\Philips\SA28XX Device Manager\main.exe O8 - Extra context menu item: &Winamp Search - H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Download all links with IDM - H:\Programme\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download FLV video content with IDM - H:\Programme\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Download with IDM - H:\Programme\Internet Download Manager\IEExt.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programme\Messenger\msmsgs.exe O12 - Plugin for .spop: H:\Programme\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sylvainmorel.spaces.live.com//Photo...ad/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1176829598420 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://static.ak.studivz.net/photouploader...geUploader4.cab O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp07.photoprintit.de/microsite/346...IPSUploader.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/...15102/CTPID.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Programme\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - H:\Programme\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Programme\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - H:\Programme\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Boonty Games - BOONTY - H:\Programme\Gemeinsame Dateien\BOONTY Shared\Service\Boonty.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - H:\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - H:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - H:\Programme\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe -- End of file - 9892 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 BIOS - h:\windows\system32\drivers\bios.sys <Not Verified; BIOSTAR Group; BIOSTAR I/O driver fle> R2 CdaC15BA - h:\windows\system32\drivers\cdac15ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT> R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.9) - h:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9> R3 mcdbus (Driver for MagicISO SCSI Host Controller) - h:\windows\system32\drivers\mcdbus.sys <Not Verified; MagicISO, Inc.; MagicISO SCSI Host Controller> S3 SMCUSBT (EZ ConnectTM g 108Mbps Wireless USB Adapter Service) - h:\windows\system32\drivers\smcusbt1.sys (file missing) S3 vaxscsi - h:\windows\system32\drivers\vaxscsi.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 ForcewareWebInterface (Forceware Web Interface) - "h:\programme\nvidia corporation\networkaccessmanager\apache group\apache2\bin\apache.exe" -k runservice <Not Verified; Apache Software Foundation; Apache HTTP Server> R2 nTuneService (nTune Service) - h:\programme\nvidia corporation\ntune\ntuneservice.exe /startservice <Not Verified; NVIDIA; NVIDIA nTune> S3 Boonty Games - "h:\programme\gemeinsame dateien\boonty shared\service\boonty.exe" <Not Verified; BOONTY; Boonty Games> S3 FirebirdServerMAGIXInstance (Firebird Server - MAGIX Instance) - h:\magix\common\database\bin\fbserver.exe <Not Verified; MAGIX®; Firebird SQL Server - MAGIX Edition> -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Files created between 2008-06-21 and 2008-07-21 ----------------------------- 2008-07-21 10:00:51 0 d-------- H:\Programme\Trend Micro 2008-07-19 23:44:21 17920 --a------ H:\WINDOWS\system32\tbrsrch.dll 2008-07-19 22:05:52 17920 --a------ H:\WINDOWS\system32\tbsch.dll 2008-07-19 22:05:41 17920 --a------ H:\WINDOWS\system32\tbrsch.dll 2008-07-19 22:05:19 17920 --a------ H:\WINDOWS\system32\toolbarsrch.dll 2008-07-19 21:16:03 0 d--h----- H:\Programme\Zero G Registry 2008-07-19 21:16:03 0 d-------- H:\Programme\Sports Interactive 2008-07-19 14:04:01 53248 -----n--- H:\WINDOWS\Ctregrun.exe <Not Verified; Creative Technology Ltd; Creative Product Registration> 2008-07-19 14:01:15 0 d-------- H:\WINDOWS\CtDrvInstall 2008-07-19 14:00:14 308224 --a------ H:\WINDOWS\IsUn040c.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller> 2008-07-19 13:59:07 0 d-------- H:\Programme\Creative 2008-07-15 11:37:04 0 d-------- H:\Programme\Musicalis 2008-07-15 11:35:44 0 d-------- H:\WINDOWS\A5W_DATA 2008-06-28 19:23:51 0 d-------- H:\Programme\Internet Download Manager -- Find3M Report --------------------------------------------------------------- 2008-07-21 10:08:31 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\DMCache 2008-07-21 09:52:46 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\Skype 2008-07-21 09:48:39 0 d-------- H:\Programme\Mozilla Thunderbird 2008-07-21 08:11:40 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\skypePM 2008-07-20 00:03:03 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\Sports Interactive 2008-07-19 22:18:43 0 d-------- H:\Programme\Windows Live Safety Center 2008-07-19 14:15:37 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\Creative 2008-07-19 14:05:37 0 d--h----- H:\Programme\InstallShield Installation Information 2008-07-17 19:19:46 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\OpenOffice.org2 2008-07-15 18:40:04 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\Winamp 2008-07-01 15:42:11 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\IDM 2008-06-30 10:02:26 0 d-------- H:\Programme\Winamp 2008-06-28 18:53:35 405214 --a------ H:\WINDOWS\system32\perfh007.dat 2008-06-28 18:53:35 70712 --a------ H:\WINDOWS\system32\perfc007.dat 2008-06-15 18:01:50 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\dvdcss 2008-06-06 08:56:37 0 d-------- H:\Programme\Winamp Toolbar 2008-06-06 07:40:02 0 d-------- H:\Programme\Windows Live 2008-06-06 07:38:48 0 d--hs--c- H:\Programme\Gemeinsame Dateien\WindowsLiveInstaller 2008-06-06 07:38:05 0 d-------- H:\Programme\Gemeinsame Dateien 2008-06-03 18:45:13 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\Mp3tag 2008-06-03 18:39:32 0 d-------- H:\Programme\Mp3tag 2008-06-01 20:41:07 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\JAM Software 2008-06-01 20:40:58 0 d-------- H:\Programme\JAM Software 2008-05-31 13:24:57 0 d-------- H:\Programme\Microsoft Silverlight 2008-05-30 09:36:15 0 d-------- H:\Programme\Soulseek 2008-05-21 11:05:20 0 d-------- H:\Programme\Philips 2008-05-21 11:03:47 0 d-------- H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\InstallShield -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}] 20/03/2008 00:36 1267040 --a------ H:\Programme\Winamp Toolbar\winamptb.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7D76D0EB-AE56-4DF4-AFFC-20AFF4344AC6}] 19/07/2008 23:44 17920 --a------ H:\WINDOWS\system32\tbrsrch.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BA94E628-6A42-40E4-9B65-E729711DD3FE}] 16/05/2007 17:12 1208320 --a------ H:\Programme\YooBarre\yoobarre.dll [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= H:\Programme\Winamp Toolbar\winamptb.dll [20/03/2008 00:36 1267040] [-HKEY_CLASSES_ROOT\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="H:\WINDOWS\system32\NvCpl.dll" [12/07/2006 07:19] "nwiz"="nwiz.exe" [12/07/2006 07:19 H:\WINDOWS\system32\nwiz.exe] "NeroFilterCheck"="H:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 11:50] "avast!"="H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [16/05/2008 01:19] "@"="" [] "NVIDIA nTune"="H:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe" [15/05/2006 17:12] "NvMediaCenter"="H:\WINDOWS\system32\NvMcTray.dll" [12/07/2006 07:19] "RTHDCPL"="RTHDCPL.EXE" [28/06/2006 14:54 H:\WINDOWS\RTHDCPL.exe] "Alcmtr"="ALCMTR.EXE" [03/05/2005 18:43 H:\WINDOWS\Alcmtr.exe] "TkBellExe"="H:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [18/04/2007 19:23] "Netcom"="H:\PROGRA~1\Netcom\Netcom.exe" [] "Eye On Network"="H:\Programme\Eye On Network\Eye On Network.exe" [] "QuickTime Task"="H:\Programme\QuickTime\qttask.exe" [27/04/2007 09:41] "MMTray"="H:\Programme\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [17/01/2006 13:12] "mmtask"="H:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe" [17/01/2006 13:12] "SunJavaUpdateSched"="H:\Programme\Java\jre1.6.0_01\bin\jusched.exe" [14/03/2007 03:43] "KernelFaultCheck"="H:\WINDOWS\system32\dumprep 0 -k" [] "NetStat Live"="H:\Programme\AnalogX\NetStat Live\nsl.exe" [] "WinampAgent"="H:\Programme\Winamp\winampa.exe" [01/04/2008 20:49] "V0330Mon.exe"="H:\WINDOWS\V0330Mon.exe" [30/04/2007 03:03] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="H:\WINDOWS\system32\ctfmon.exe" [04/08/2004 09:57] "MsnMsgr"="H:\Programme\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 11:34] "PowerBar"="" [] "AlcoholAutomount"="H:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" [] "IDMan"="H:\Programme\Internet Download Manager\IDMan.exe" [28/06/2008 19:25] "Skype"="H:\Programme\Skype\Phone\Skype.exe" [01/02/2008 17:22] H:\Dokumente und Einstellungen\Sylvain\Startmen\Programme\Autostart\ MagicDisc.lnk - H:\Programme\MagicDisc\MagicDisc.exe [02/02/2008 17:51:50] H:\Dokumente und Einstellungen\All Users\Startmen\Programme\Autostart\ Philips Gestionnaire de p‚riph‚riques.lnk - H:\Programme\Philips\SA28XX Device Manager\main.exe [21/05/2008 11:05:21] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b1e52a7-3daa-11dc-b27e-00e04d049696}] AutoRun\command- K:\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{741211a2-ea7c-11dc-b3f5-00e04d049696}] AutoRun\command- L:\ClickMe.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bdc6dc4d-5a48-11dc-b2ad-00e04d049696}] AutoRun\command- J:\autorun.exe -- End of Deckard's System Scanner: finished at 2008-07-21 10:10:56 ------------ EXTRA.TXT Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Home Edition (build 2600) SP 2.0 Architecture: X86; Language: German CPU 0: AMD Processor model unknown Percentage of Memory in Use: 59% Physical Memory (total/avail): 446.48 MiB / 179.39 MiB Pagefile Memory (total/avail): 1054.91 MiB / 649.38 MiB Virtual Memory (total/avail): 2047.88 MiB / 1929.91 MiB C: is Removable (No Media) D: is Removable (No Media) E: is Removable (No Media) F: is Removable (No Media) G: is CDROM (No Media) H: is Fixed (NTFS) - 74.52 GiB total, 23.18 GiB free. J: is CDROM (CDFS) K: is CDROM (UDF) L: is Fixed (FAT32) - 232.83 GiB total, 45.43 GiB free. \\.\PHYSICALDRIVE0 - SAMSUNG HD080HJ - 74.53 GiB - 1 partition \PARTITION0 (bootable) - Installierbares Dateisystem - 74.52 GiB - H: \\.\PHYSICALDRIVE3 - Generic USB CF Reader USB Device \\.\PHYSICALDRIVE5 - Generic USB MS Reader USB Device \\.\PHYSICALDRIVE2 - Generic USB SD Reader USB Device \\.\PHYSICALDRIVE4 - Generic USB SM Reader USB Device \\.\PHYSICALDRIVE1 - WD 2500JB External USB Device - 232.88 GiB - 1 partition \PARTITION0 - Unknown - 232.88 GiB - L: -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. FW: ActiveArmor Firewall v1.0 (NVIDIA Corporation) Disabled AV: avast! antivirus 4.8.1201 [VPS 080720-0] v4.8.1201 (ALWIL Software) [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "H:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"="H:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "H:\\Programme\\Windows Live\\Messenger\\livecall.exe"="H:\\Programme\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "H:\\Programme\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"="H:\\Programme\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe:*:Enabled:Apache HTTP Server" "H:\\Programme\\Soulseek\\slsk.exe"="H:\\Programme\\Soulseek\\slsk.exe:*:Enabled:SoulSeek" "H:\\Programme\\VGas\\wyld3D6.exe"="H:\\Programme\\VGas\\wyld3D6.exe:*:Enabled:wyld3D6" "H:\\Programme\\BitLord\\BitLord.exe"="H:\\Programme\\BitLord\\BitLord.exe:*:Enabled:BitLord" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "H:\\Programme\\Soulseek-Test\\slsk.exe"="H:\\Programme\\Soulseek-Test\\slsk.exe:*:Disabled:SoulSeek" "H:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"="H:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "H:\\Programme\\Windows Live\\Messenger\\livecall.exe"="H:\\Programme\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "H:\\Programme\\Winamp Remote\\bin\\Orb.exe"="H:\\Programme\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb" "H:\\Programme\\Winamp Remote\\bin\\OrbTray.exe"="H:\\Programme\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray" "H:\\Programme\\Winamp Remote\\bin\\OrbStreamerClient.exe"="H:\\Programme\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client" "H:\\Programme\\Sports Interactive\\Football Manager 2008\\fm.exe"="H:\\Programme\\Sports Interactive\\Football Manager 2008\\fm.exe:*:Enabled:Football Manager 2008" "H:\\Programme\\Skype\\Phone\\Skype.exe"="H:\\Programme\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=H:\Dokumente und Einstellungen\All Users APPDATA=H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten CLASSPATH=.;H:\Programme\QuickTime\QTSystem\QTJava.zip CLIENTNAME=Console CommonProgramFiles=H:\Programme\Gemeinsame Dateien COMPUTERNAME=SYLVAIN-VJS44CZ ComSpec=H:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=H: HOMEPATH=\Dokumente und Einstellungen\Sylvain LOGONSERVER=\\SYLVAIN-VJS44CZ NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=H:\WINDOWS\system32;H:\WINDOWS;H:\WINDOWS\System32\Wbem;H:\Programme\QuickTime\QTSystem\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 127 Stepping 1, AuthenticAMD PROCESSOR_LEVEL=15 PROCESSOR_REVISION=7f01 ProgramFiles=H:\Programme PROMPT=$P$G QTJAVA=H:\Programme\QuickTime\QTSystem\QTJava.zip SESSIONNAME=Console SystemDrive=H: SystemRoot=H:\WINDOWS TEMP=H:\DOKUME~1\Sylvain\LOKALE~1\Temp TMP=H:\DOKUME~1\Sylvain\LOKALE~1\Temp USERDOMAIN=SYLVAIN-VJS44CZ USERNAME=Sylvain USERPROFILE=H:\Dokumente und Einstellungen\Sylvain windir=H:\WINDOWS -- User Profiles --------------------------------------------------------------- Sylvain (admin) -- Add/Remove Programs --------------------------------------------------------- --> H:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 H:\WINDOWS\INF\PCHealth.inf Adobe Acrobat 5.0 --> H:\WINDOWS\ISUNINST.EXE -f"H:\Programme\Gemeinsame Dateien\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"H:\Programme\Gemeinsame Dateien\Adobe\Acrobat 5.0\NT\Uninst.dll" Adobe Flash Player 9 ActiveX --> H:\WINDOWS\System32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock Adobe Flash Player Plugin --> H:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Archiveur WinRAR --> H:\Programme\WinRAR\uninstall.exe Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} avast! Antivirus --> H:\Programme\Alwil Software\Avast4\aswRunDll.exe "H:\Programme\Alwil Software\Avast4\Setup\setiface.dll",RunSetup AviSynth 2.5 --> "H:\Programme\AviSynth 2.5\Uninstall.exe" Barre de confiance CM-CIC --> "H:\Programme\BarreConfCMCIC\Setup.exe" -u BitLord 1.1 --> H:\Programme\BitLord\uninst.exe Creative Live! Cam Center --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{6BE926E5-66F4-4166-A5E5-E14D7A165BBD}\setup.exe" -l0x40c /remove Creative Software AutoUpdate --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove Creative System Information --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove Creative WebCam Vista/Live! Cam Chat Driver (1.11.01.00) --> H:\WINDOWS\CtDrvIns.exe -uninstall -script VF0330.uns -unsext NT -plugin V0330Pin.dll -pluginres CtCamPin.crl DivX Codec --> H:\Programme\DivX\DivXCodecUninstall.exe /CODEC DivXMachine 2.2 - 219 Pack4 --> "H:\Programme\DivXMachine II\unins000.exe" DM_Install --> H:\Programme\InstallShield Installation Information\{AFD12747-7CDA-49A5-BC5F-18B90FAD6822}\setup.exe -runfromtemp -l0x040c -removeonly DVD Solution --> H:\Programme\Uninstall_CDS.exe FairUse Wizard 2 --> "H:\Programme\FairUse Wizard 2\UnInstall_14333.exe" FastStone Image Viewer 3.2 --> H:\Programme\FastStone Image Viewer\uninst.exe ffvfw MPEG-4 Video Codec (uninstall only) --> "H:\Programme\ffvfw\uninstall.exe" Firebird SQL Server - MAGIX Edition (F) --> H:\MAGIX\Common\Database\uninstall.exe Football Manager 2008 --> "H:\Programme\Sports Interactive\Football Manager 2008\Uninstall_Football Manager 2008\Uninstall Football Manager 2008.exe" High Definition Audio Driver Package - KB888111 --> "H:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2 --> "H:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix für Windows XP (KB914440) --> "H:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" Hotfix für Windows XP (KB935448) --> "H:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe" Hotfix for Windows Media Format 11 SDK (KB929399) --> "H:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" IKEA HomePlanner Kitchen --> MsiExec.exe /I{F7107906-5D75-438A-BB33-010818834487} Internet Download Manager --> H:\Programme\Internet Download Manager\Uninstall.exe J'apprends la guitare --> MsiExec.exe /I{16A81684-F7EE-11D6-B1B8-0050BAE10642} Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} MagicDisc 2.5.77 --> H:\PROGRA~1\MAGICD~1\UNWISE.EXE H:\PROGRA~1\MAGICD~1\INSTALL.LOG Manuel d'utilisation de Creative WebCam Vista (Français) --> H:\WINDOWS\IsUn040c.exe -f"H:\Programme\Creative\Creative WebCam Vista\Manuel d'utilisation de Creative WebCam Vista\French\CTManual.isu" Microsoft Compression Client Pack 1.0 for Windows XP --> "H:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "H:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Move Networks Media Player for Internet Explorer --> H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\Move Networks\ie_bin\Uninst.exe Mozilla Firefox (2.0.0.16) --> H:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe Mozilla Thunderbird (2.0.0.14) --> H:\Programme\Mozilla Thunderbird\uninstall\helper.exe Mp3tag v2.40 --> H:\Programme\Mp3tag\Mp3tagUninstall.EXE Multimedia Launcher --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall Musicmatch® Jukebox --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x40c -uninst Nero OEM --> H:\Programme\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL NVIDIA Drivers --> H:\WINDOWS\system32\nvuide.exe UninstallGUI NVIDIA ForceWare Network Access Manager --> H:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1036 NVIDIA nTune --> H:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1036 OpenOffice.org 2.2 --> MsiExec.exe /I{7FD7F10E-0666-4C9F-A0A8-422EA5E31C4C} QuickTime --> MsiExec.exe /I{08094E03-AFE4-4853-9D31-6D0743DF5328} RapidShare Manager --> rundll32.exe dfshim.dll,ShArpMaintain RapidShareManager.application, Culture=neutral, PublicKeyToken=beb8bcbf36015e49, processorArchitecture=msil RealPlayer --> H:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek High Definition Audio Driver --> RunDll32 H:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "H:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly Sicherheitsupdate für Windows XP (KB893756) --> "H:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB896358) --> "H:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB896423) --> "H:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB896428) --> "H:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB899587) --> "H:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB899591) --> "H:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB900725) --> "H:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB901017) --> "H:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB901190) --> "H:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB901214) --> "H:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB902400) --> "H:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB904706) --> "H:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB905414) --> "H:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB905749) --> "H:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB908519) --> "H:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB911562) --> "H:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB911927) --> "H:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB913580) --> "H:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB914388) --> "H:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB914389) --> "H:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB917344) --> "H:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB917422) --> "H:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB917953) --> "H:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB918118) --> "H:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB918439) --> "H:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB919007) --> "H:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB920213) --> "H:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB920670) --> "H:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB920683) --> "H:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB920685) --> "H:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB921503) --> "H:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB922819) --> "H:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB923191) --> "H:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB923414) --> "H:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB923689) --> "H:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB923694) --> "H:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB923980) --> "H:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB924191) --> "H:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB924270) --> "H:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB924496) --> "H:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB924667) --> "H:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB925902) --> "H:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB926255) --> "H:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB926436) --> "H:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB927779) --> "H:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB927802) --> "H:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB928090) --> "H:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB928255) --> "H:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB928843) --> "H:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB929123) --> "H:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB929969) --> "H:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB930178) --> "H:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB931261) --> "H:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB931768) --> "H:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB931784) --> "H:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB932168) --> "H:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB933566) --> "H:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB933729) --> "H:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB935839) --> "H:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB935840) --> "H:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB936021) --> "H:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB937143) --> "H:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB938127) --> "H:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB938829) --> "H:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB939653) --> "H:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB941202) --> "H:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB941568) --> "H:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB941569) --> "H:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB941644) --> "H:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB941693) --> "H:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB942615) --> "H:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB943055) --> "H:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB943460) --> "H:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB943485) --> "H:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB944653) --> "H:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB945553) --> "H:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB946026) --> "H:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB948590) --> "H:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB948881) --> "H:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950749) --> "H:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950760) --> "H:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950762) --> "H:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951376-v2) --> "H:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951376) --> "H:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951698) --> "H:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951748) --> "H:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} Smart Guardian --> H:\WINDOWS\IsUninst.exe -f"H:\Programme\ITE\Smart Guardian\Uninst.isu" SoulSeek Client 156c --> "H:\Programme\Soulseek\uninstall.exe" SoulSeek Client 157 test 8 --> "H:\Programme\Soulseek-Test\uninstall.exe" TreeSize Personal 5.0 --> "H:\Programme\JAM Software\TreeSize Personal\unins000.exe" Update für Windows XP (KB894391) --> "H:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Update für Windows XP (KB898461) --> "H:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Update für Windows XP (KB900485) --> "H:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Update für Windows XP (KB904942) --> "H:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" Update für Windows XP (KB908531) --> "H:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Update für Windows XP (KB910437) --> "H:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Update für Windows XP (KB911280) --> "H:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Update für Windows XP (KB916595) --> "H:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Update für Windows XP (KB920872) --> "H:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Update für Windows XP (KB922582) --> "H:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Update für Windows XP (KB927891) --> "H:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Update für Windows XP (KB930916) --> "H:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Update für Windows XP (KB931836) --> "H:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe" Update für Windows XP (KB932823-v3) --> "H:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe" Update für Windows XP (KB933360) --> "H:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe" Update für Windows XP (KB938828) --> "H:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe" Update für Windows XP (KB942763) --> "H:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Update für Windows XP (KB942840) --> "H:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe" Update für Windows XP (KB946627) --> "H:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe" VideoLAN VLC media player 0.8.6c --> H:\Programme\VideoLAN\VLC\uninstall.exe Winamp --> "H:\Programme\Winamp\UninstWA.exe" Winamp Toolbar for Firefox --> "H:\Dokumente und Einstellungen\Sylvain\Anwendungsdaten\Mozilla\Firefox\Profiles\yiscs0s2.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe" Winamp Toolbar for Internet Explorer --> "H:\Programme\Winamp Toolbar\uninstall.exe" Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0) --> H:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u H:\WINDOWS\System32\DRVSTORE\amdk8_46A23DA005A38EDACA9A5DA30EC2FEBF00D83D18\amdk8.inf Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Live OneCare safety scanner --> RunDll32.exe "H:\Programme\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT Windows Media Format 11 runtime --> "H:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows XP-Hotfix - KB873339 --> H:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Windows XP-Hotfix - KB885835 --> H:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Windows XP-Hotfix - KB885836 --> H:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Windows XP-Hotfix - KB886185 --> H:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Windows XP-Hotfix - KB887472 --> H:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Windows XP-Hotfix - KB888302 --> H:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Windows XP-Hotfix - KB890859 --> "H:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" Windows XP-Hotfix - KB891781 --> H:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe WinZip 11.1 --> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5} YooBarre --> regsvr32 /u /s "H:\Programme\YooBarre\yoobarre.dll" -- Application Event Log ------------------------------------------------------- Event Record #/Type5279 / Success Event Submitted/Written: 07/21/2008 09:46:39 AM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event Record #/Type5268 / Success Event Submitted/Written: 07/21/2008 08:12:13 AM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event Record #/Type5250 / Success Event Submitted/Written: 07/20/2008 04:30:55 PM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event Record #/Type5243 / Success Event Submitted/Written: 07/20/2008 09:31:05 AM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event Record #/Type5225 / Success Event Submitted/Written: 07/19/2008 10:11:26 PM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type32746 / Warning Event Submitted/Written: 07/19/2008 11:54:06 PM Event ID/Source: 4226 / Tcpip Event Description: TCP/IP hat das Sicherheitslimit erreicht, das für die Anzahl gleichzeitiger TCP-Verbindungsversuche festgelegt wurde. Event Record #/Type32713 / Warning Event Submitted/Written: 07/19/2008 07:46:07 PM Event ID/Source: 1003 / Dhcp Event Description: Der Computer konnte die Netzwerkadresse, die durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 00E04D049696 zugeteilt wurde, nicht erneuern. Der folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zu erhalten. Event Record #/Type32566 / Warning Event Submitted/Written: 07/18/2008 11:19:00 PM Event ID/Source: 36 / W32Time Event Description: Der Zeitdienst konnte die Systemzeit seit 49152 Sekunden nicht synchronisieren, da kein Zeitanbieter einen gültigen Zeitstempel anbieten konnte. Die Systemuhr ist nicht synchronisiert. Event Record #/Type32540 / Error Event Submitted/Written: 07/18/2008 09:40:07 AM Event ID/Source: 7034 / Service Control Manager Event Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Event Record #/Type32333 / Warning Event Submitted/Written: 07/15/2008 05:08:20 PM Event ID/Source: 1003 / Dhcp Event Description: Der Computer konnte die Netzwerkadresse, die durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 00E04D049696 zugeteilt wurde, nicht erneuern. Der folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zu erhalten. -- End of Deckard's System Scanner: finished at 2008-07-21 10:10:56 ------------ Merci d'avance Cordialement, Sylvain