Everything posted by FredAntiSpyware21

  1. OK!! Thanks, Zonk!! Out of curiosity, I'm going to try to find out what makes Vista recognize or not recognize a security program, and see whether I can "force" the recognition!
  2. Hi!! Yes, yes, I had already checked that the process was running!! And the Security Center alerts are disabled anyway!! It's just that it annoys me to see that red line when I go into the Security Center, and besides, I'd really like to understand the whys and wherefores of the whole thing
  3. Hello!! I've had Malwarebytes AntiMalware running as resident protection for a short while, and I've just noticed that the Vista Security Center as well as TuneUp Utilities tell me that I have no anti-spyware protection.... Do other MBAM users run into this, or is it just me who has a problem?? Thanks in advance, best regards.
  4. There, indeed, it was dual channel that I wanted to know about!
  5. Hi Wilou!! It's not the question of the gain that's bothering me!! I've often read on forums that it's better to install RAM sticks in pairs.... hence my question: one 1 GB stick or two 512 MB sticks? (and for what reason, so I can die a little less ignorant) Thanks
  6. Hi and happy new year!! I have a dual-core AMD with 2 GB of RAM. I'd like to go up to 3 GB. For now, I have 2 sticks of 1 GB each, and I have 2 free slots left. Is it better to add one 1 GB stick or two 512 MB sticks?? (and if possible, to know why) Thanks in advance!!
  7. FredAntiSpyware21

    Snipping Tool

    Tablet PC Optional Components!! not just Tablet PC!!
  8. Argh, I've just read your link, pierolefou.... Does the error show up in the event log?? If so, what is its description?
  9. Hi pierolefou, happy new year!! When you're in C:/Windows, right-click on system32, go to Properties, then the "Security" tab. There, you should be able to enable the rights to modify the system32 folder. I haven't read Shila's links; I hope what I've just written isn't already said in one of those links. Sheilla* Oops, sorry for mangling her username
  10. FredAntiSpyware21

    Snipping Tool

    Oops, wrong move!! So: Start / Control Panel / Programs and Features, then on the left go to: Turn Windows features on or off; in the dialog box that appears, check: Tablet PC Optional Components. There, normally, the Snipping Tool has reappeared in its place
  11. FredAntiSpyware21

    Snipping Tool

    Hi gekbest! Go to Start / All Programs / Accessories; if you don't see Tablet PC, you won't have the Snipping Tool! Put Tablet PC back
  12. Hi sheilla!! Actually, reinstalling my graphics card driver was the first thing that came to mind and that I did!! Well, I'm stumped here, I have no idea where the problem could be coming from. I think I'll grab my recovery CD, it'll be quicker, except that it bothers me not to have solved this problem, out of curiosity
  13. FredAntiSpyware21

    Snipping Tool

    Yes, it comes from Tablet PC!! Without Tablet PC, the Snipping Tool isn't available
  14. Thanks sheila, but I had thought of that; I went to exactly the same link you just suggested, downloaded it, wanted to put it in system32, and realized it was already there, that it hadn't disappeared!
  15. Hello ticlou and happy new year. So, going into the details of the event log, it seems the faulting module is NvCpl.dll. I've had this problem since this morning, after uninstalling nTune (nVidia's tuning software). Thinking the uninstall might have gone wrong, I tried to reinstall it, but without success; Windows won't install it anymore
  16. Just wanted to be sure :P Thanks for everything, Pear!! And best wishes for 2009
  17. Hello and happy new year. I'm on Vista, and since this morning, every time my machine starts, I get a Microsoft alert saying: Processus hôte Windows (Rundll32) a cessé de fonctionner. What should I do? Thanks in advance!
  18. Correction: It's fine, I re-downloaded ComboFix and ToolsCleaner was then able to delete it!! How do I remove ToolsCleaner now?? By just putting the .exe file in the Recycle Bin??
  19. Good evening again Pear! Actually, I already had Malwarebytes; I was talking about a resident one! About ToolsCleaner: I ran it as administrator, it detected everything, but it couldn't delete ComboFix; it tells me: ERREUR DE SUPPRESSION! It didn't generate a report either
  20. Hi again Pear!! Apparently, no more problems!! Kaspersky detected nothing and Trojan Remover finds nothing in its startup scan. Quick question: in addition to AntiVir, what freeware can you recommend to improve my machine's security?? PS: for what I asked you at the start of my previous message, I found the solution; it's actually a registry key to modify after certain cases of uninstalling Adaware! Thanks Lavasoft.... useless, and trouble on uninstall on top of that.... Is there a utility to remove the tools you had me install? Thanks
  21. Hi again Pear, I'd like to point out that when rebooting my machine, I just briefly caught sight of a message. It appears for a second between the screen where the Vista progress bar advances and the screen with the Vista logo, and it says: Lsdelete program not found - skipping Autocheck. Here is the ComboFix report:
  22. Hi again Pear!! Here are the reports you asked for (note that on the reboot after Toolbar S&D, Trojan Remover's startup scan detected nothing, which reassured me):
Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Voila !! Reste plus que la ligne de MSServer dans le démarrage de MsConfig (merci encore du temps que tu prends pour m'aider)
  23. Hello Pear, and thank you for taking the time to look into my problem. Here are the two requested reports:
driver; C:\Windows\system32\drivers\TotRec7.sys [2008-10-27 127496] R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-18 73088] R3 VX1000;VX-1000; C:\Windows\system32\DRIVERS\VX1000.sys [2007-04-10 1966312] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-05-20 303616] S1 SuperMounter;SuperMounter; C:\Windows\system32\drivers\SuperMounter.sys [] S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\Windows\system32\drivers\NSDriver.sys [2008-04-29 15648] S3 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys [] S3 ATIAVPCI;ATI Unified AVStream service; C:\Windows\system32\DRIVERS\atinavrr.sys [2006-11-02 377472] S3 atjcteny;atjcteny; C:\Windows\system32\drivers\atjcteny.sys [] S3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [] S3 catchme;catchme; \??\C:\Users\Fred\AppData\Local\Temp\catchme.sys [] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2008-11-02 15360] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lvusbsta.sys [] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 
6016] S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-09-25 47360] S3 pfsvgae;pfsvgae; \??\C:\Users\Fred\AppData\Local\Temp\pfsvgae.sys [] S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2006-11-02 1083520] S3 QCMerced;Logitech QuickCam Communicate; C:\Windows\system32\DRIVERS\LVCM.sys [2005-05-27 1317152] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2008-12-17 419448] R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-06-02 611664] R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-10 116040] R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2007-10-16 1094936] R2 HotspotShieldService;Hotspot Shield Service; C:\Program Files\Hotspot Shield\bin\openvpnas.exe [2008-08-27 84440] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-19 118784] R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-07-07 809296] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; 
C:\Windows\System32\svchost.exe [2008-01-18 21504] S2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [] S2 FileZilla Server;FileZilla Server FTP server; C:\Program Files\FileZilla Server\FileZilla Server.exe [] S2 Fix-It Task Manager;Fix-It Task Manager; C:\PROGRA~1\AVANQU~1\Fix-It\mxtask.exe -Service [] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-11-02 195752] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-11-12 355584] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] -----------------EOF----------------- et: info.txt logfile of random's system information tool 1.05 2008-12-30 11:34:39 ======Uninstall list====== -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL -->C:\Windows\UNNeroShowTime.exe /UNINSTALL -->C:\Windows\UNNeroVision.exe /UNINSTALL -->C:\Windows\UNRecode.exe /UNINSTALL 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec 
/package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 
Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001} Apple Mobile Device Support-->MsiExec.exe /I{35B91753-5789-4517-9CF1-2CCE3A8CF4F1} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe a-squared Free 4.0-->"C:\Program Files\a-squared Free\unins000.exe" Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE Camfrog Video Chat 5.1-->"C:\Program Files\Camfrog\Camfrog Video Chat\uninstall.exe" Camtasia Studio 5-->MsiExec.exe /I{33583C2B-04FF-4E17-A446-2C29A998129E} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Contenta Converter BASIC-->C:\Program Files\ContentaConverter-BASIC\uninstall.exe Diskeeper 2008 Pro Premier-->MsiExec.exe /X{4ECCF281-ED79-4EA7-AE89-5E39D3291C2A} DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe" HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotspot Shield 1.07-->C:\Program Files\Hotspot Shield\Uninstall.exe IceOp-->C:\Program Files\IceOp\Uninstall.exe IncrediMail-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0} Jasc Paint Shop Pro 9-->MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0} Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} JiaoMPC-->MsiExec.exe /I{1F5BAF83-7E8E-4E5F-BB73-C9255D5264B4} Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A} K-Lite Mega Codec Pack 2.2.5-->"C:\Program Files\K-Lite Codec 
Pack\unins000.exe" Lphant v3.51-->"C:\Program Files\Lphant\unins000.exe" Ma-Config.com-->MsiExec.exe /X{DD987A54-122B-4CFD-A8C5-5577027A6B78} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" ManyCam 2.3 (remove only)-->"C:\Program Files\ManyCam 2.3\uninstall.exe" Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft LifeCam-->MsiExec.exe /X{968D41C3-25BB-4632-A6DF-2E1C8F0143A4} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} 
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Nero 7 Premium-->MsiExec.exe /X{98EFD8F0-08DE-48DB-B922-A2EBAB711036} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI Opera 9.63-->MsiExec.exe /X{1BC4026B-1957-4514-9058-2B542557F143} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} QT Lite 2.7.0-->"C:\Program Files\QT Lite\unins000.exe" Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly Sagem Wi-Fi 11g USB adapter (driver)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation 
Information\{2ED60C17-4568-4CD5-830A-03C4688B09A1}\setup.exe" -l0x40c SAGEM Wi-Fi 11g USB adapter (pilote)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7421E270-0140-4F62-AE39-ECB9F1C81B35}\setup.exe" -l0x40c SAGEM Wi-Fi 11g USB adapter (pilote)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E2AA331E-E10E-438C-B1C0-24B2FFD3D9C4}\setup.exe" -l0x40c Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85} Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B} Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77} Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package 
{90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC} Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe Total Recorder 7.1-->"C:\Program Files\HighCriteria\TotalRecorder\setup.exe" U Trojan Remover 6.7.5-->"C:\Program Files\Trojan Remover\unins000.exe" TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA} Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498} Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756} Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC812E118} Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302} Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B} Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live OneCare safety 
scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe" Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D} ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AS: Spybot - Search and Destroy AS: AVG Anti-Spyware (disabled) (outdated) AS: Windows Defender (disabled) (outdated) System event log Computer Name: PC-de-Fred Event Code: 7036 Message: Le service Programme d’installation de modules Windows est entré dans l'état : en cours d'exécution. Record Number: 84427 Source Name: Service Control Manager Time Written: 20081230081851.000000-000 Event Type: Information User: Computer Name: PC-de-Fred Event Code: 7036 Message: Le service Programme d’installation de modules Windows est entré dans l'état : arrêté. Record Number: 84428 Source Name: Service Control Manager Time Written: 20081230082851.000000-000 Event Type: Information User: Computer Name: PC-de-Fred Event Code: 7036 Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : arrêté. Record Number: 84429 Source Name: Service Control Manager Time Written: 20081230083217.000000-000 Event Type: Information User: Computer Name: PC-de-Fred Event Code: 7036 Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : en cours d'exécution. Record Number: 84430 Source Name: Service Control Manager Time Written: 20081230095340.000000-000 Event Type: Information User: Computer Name: PC-de-Fred Event Code: 7036 Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : arrêté. 
Record Number: 84431 Source Name: Service Control Manager Time Written: 20081230101010.000000-000 Event Type: Information User: Application event log Computer Name: PC-de-Fred Event Code: 1003 Message: Le service Windows Search a été démarré. Record Number: 30415 Source Name: Microsoft-Windows-Search Time Written: 20081230081549.000000-000 Event Type: Information User: Computer Name: PC-de-Fred Event Code: 1000 Message: Application défaillante EasyBurner.exe, version 1.0.0.4, horodatage 0x4772182c, module défaillant FoxBurner.dll, version 6.0.6001.18000, horodatage 0x4791a7a6, code d’exception 0xc0000135, décalage d’erreur 0x00009cac, ID du processus 0x868, heure de début de l’application 0x01c96a56de9d9d4e. Record Number: 30416 Source Name: Application Error Time Written: 20081230081610.000000-000 Event Type: Erreur User: Computer Name: PC-de-Fred Event Code: 1001 Message: Récipient d’erreurs 667726199, type 1 Événement : APPCRASH Réponse : Aucun ID de CAB : 0 Signature du problème : P1 : EasyBurner.exe P2 : 1.0.0.4 P3 : 4772182c P4 : FoxBurner.dll P5 : 6.0.6001.18000 P6 : 4791a7a6 P7 : c0000135 P8 : 00009cac P9 : P10 : Fichiers joints : C:\Users\Fred\AppData\Local\Temp\WERF41E.tmp.version.txt Ces fichiers sont peut-être disponibles ici : C:\Users\Fred\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report08950b26 Record Number: 30417 Source Name: Windows Error Reporting Time Written: 20081230081619.000000-000 Event Type: Information User: Computer Name: PC-de-Fred Even
  24. Hello to the forum!! OS: Vista AV: Antivir Here is my problem: a while ago, at Windows startup, Trojan Remover detected C:\Windows\system32\jkkIXpQk.dll as the VirtuaMonde trojan, gave me its path, and advised me to run Trojan Remover again to rescan and clean. Unfortunately, when I reran the scan to clean it, it no longer detected it! So I deleted it using Navilog. On restart, I got an alert message telling me that C:\Windows\system32\jkkIXpQk.dll could not be launched. I went into msconfig, Startup, and unchecked MSServer, located in HKLM/Software/Microsoft/Windows/CurrentVersion/Run, so as to stop getting this alert message. However, at Trojan Remover's startup scan, it still finds C:\Windows\system32\jkkIXpQk.dll, saying: A file with this name"has not" been found(it may be hidden), Appears to contain : TROJAN.VIRTUAMONDE (HEURISTIC DETECTION). How can I get rid of this, as well as MSServer?? Thanks in advance!