Aller au contenu

realisateur

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    12

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par realisateur

  1. realisateur
    Vraiment merci. Ca faisait longtemps que mon ordi n'a pas été aussi véloce ! Voici le RSIT Logfile of random's system information tool 1.06 (written by random/random) Run by cedric at 2009-06-20 09:14:57 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 7 GB (15%) free of 45 GB Total RAM: 1023 MB (48% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:15:03, on 20/06/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\AvidSDMService.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\ATK0100\HControl.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\ASUS\Wireless Console\wcourier.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\WengoPhone\qtwengophone.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\PROGRA~1\MICROS~4\rapimgr.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe C:\Documents and Settings\cedric\Bureau\RSIT.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\trend micro\cedric.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Google Dictionary Compression sdch - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1 O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [WengoPhoneNG] C:\Program Files\WengoPhone\qtwengophone.exe -b O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: rncsys32.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Video URL Extractor - {F6E600B5-48EA-421A-AF6A-61948BB737F3} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Video URL Extractor... - {F6E600B5-48EA-421A-AF6A-61948BB737F3} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} - O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.ipernity.com/E/Applets/Uploader...oader4.cab?v4.7 O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (antivirscheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (antivirservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\WINDOWS\system32\AvidSDMService.exe O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINDOWS\system32\AvidStartup.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate1c985d81c5efe6c) (gupdate1c985d81c5efe6c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe -- End of file - 14580 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\WGASetup.job C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1043688568-3843691352-3439686833-1004.job C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-09-28 308832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}] Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2007-07-31 1933256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa58ed58-01dd-4d91-8333-cf10577473f7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-15 259696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}] IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2007-08-16 110592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c84d72fe-e17d-4195-bb24-76c02e2e7c4e}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-03 470512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-21 41368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}] FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2005-05-04 191096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-21 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2007-07-31 1933256] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-15 259696] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-04-12 102400] "ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2003-09-19 172032] "Wireless Console"=C:\Program Files\ASUS\Wireless Console\wcourier.exe [2005-03-02 57344] "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-12-22 98394] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-12-22 688218] "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-02-12 339968] "Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2004-09-21 81920] "H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-05-11 200069] "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-11-05 73728] "TomTomHOME.exe"=C:\Program Files\TomTom HOME\TomTomHOME.exe [2007-03-14 3770024] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-02 29744] "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-10-08 995328] "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-10-08 1101824] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-12-03 282624] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-09-28 185872] "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-01-19 221184] "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-01-19 458752] "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-19 217088] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-21 148888] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-13 68856] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-02-12 21898024] "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672] "WengoPhoneNG"=C:\Program Files\WengoPhone\qtwengophone.exe [2006-12-11 6254592] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-02 29744] "H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360] "Google Update"=C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-12 133104] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-08 251240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] C:\WINDOWS\SOUNDMAN.EXE [2004-11-05 73728] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe C:\Documents and Settings\cedric\Menu Démarrer\Programmes\Démarrage rncsys32.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-02-12 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-05 240128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger" "C:\Program Files\FlashFXP\flashfxp.exe"="C:\Program Files\FlashFXP\flashfxp.exe:*:Enabled:FlashFXP v3" "C:\Program Files\ASUS\ASUS Live Update\LiveUpdt.exe"="C:\Program Files\ASUS\ASUS Live Update\LiveUpdt.exe:*:Enabled:LiveUpdt" "C:\Program Files\WengoPhone\qtwengophone.exe"="C:\Program Files\WengoPhone\qtwengophone.exe:*:Enabled:WengoPhone" "C:\Program Files\Resolume-2-2\resolume.exe"="C:\Program Files\Resolume-2-2\resolume.exe:*:Enabled:Resolume 2.2" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin" "C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. The whole world can talk for free." [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\FlashFXP\flashfxp.exe"="C:\Program Files\FlashFXP\flashfxp.exe:*:Enabled:FlashFXP v3" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" ======File associations====== .js - open - ======List of files/folders created in the last 3 months====== 2009-06-20 00:55:53 ----SHD---- C:\Recycled 2009-06-20 00:55:27 ----D---- C:\_OTM 2009-06-18 23:23:22 ----A---- C:\WINDOWS\system32\javaws.exe 2009-06-18 23:23:22 ----A---- C:\WINDOWS\system32\javaw.exe 2009-06-18 23:23:22 ----A---- C:\WINDOWS\system32\java.exe 2009-06-18 14:22:55 ----D---- C:\WINDOWS\temp 2009-06-18 08:51:12 ----A---- C:\WINDOWS\ntbtlog.txt 2009-06-18 08:42:22 ----D---- C:\Documents and Settings\cedric\Application Data\Malwarebytes 2009-06-18 08:42:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-06-18 08:42:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-06-18 00:49:01 ----D---- C:\Program Files\Avira 2009-06-18 00:49:01 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-06-17 12:57:20 ----A---- C:\Boot.bak 2009-06-17 12:57:16 ----RASHD---- C:\cmdcons 2009-06-17 12:54:19 ----D---- C:\WINDOWS\ERDNT 2009-06-17 11:18:11 ----D---- C:\Program Files\trend micro 2009-06-17 11:18:10 ----D---- C:\rsit 2009-06-15 17:19:17 ----D---- C:\Documents and Settings\cedric\Application Data\AVS4YOU 2009-06-15 17:19:10 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU 2009-06-15 17:13:59 ----D---- C:\Program Files\Fichiers communs\AVSMedia 2009-06-15 17:13:59 ----D---- C:\Program Files\AVS4YOU 2009-06-11 00:01:03 ----HD---- C:\WINDOWS\$NtUninstallKB961501$ 2009-06-11 00:00:46 ----HD---- C:\WINDOWS\$NtUninstallKB969897$ 2009-06-11 00:00:38 ----HD---- C:\WINDOWS\$NtUninstallKB969898$ 2009-06-10 23:59:04 ----HD---- C:\WINDOWS\$NtUninstallKB970238$ 2009-06-10 23:59:00 ----A---- C:\WINDOWS\imsins.BAK 2009-06-10 23:58:55 ----HD---- C:\WINDOWS\$NtUninstallKB968537$ 2009-05-29 09:13:49 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-04-22 11:06:02 ----D---- C:\Documents and Settings\cedric\Application Data\avidemux 2009-04-22 11:05:45 ----D---- C:\Program Files\Avidemux 2.4 2009-04-16 00:56:14 ----HD---- C:\WINDOWS\$NtUninstallKB959426$ 2009-04-16 00:56:09 ----HD---- C:\WINDOWS\$NtUninstallKB961373$ 2009-04-16 00:54:06 ----HD---- C:\WINDOWS\$NtUninstallKB956572$ 2009-04-16 00:53:55 ----HD---- C:\WINDOWS\$NtUninstallKB952004$ 2009-04-16 00:53:50 ----HD---- C:\WINDOWS\$NtUninstallKB960803$ 2009-04-16 00:53:32 ----HD---- C:\WINDOWS\$NtUninstallKB963027$ 2009-04-16 00:53:23 ----HD---- C:\WINDOWS\$NtUninstallKB923561$ 2009-04-14 01:54:44 ----D---- C:\WINDOWS\system32\KB905474 2009-04-02 10:11:48 ----D---- C:\OMFI MediaFiles 2009-03-31 23:45:03 ----D---- C:\WINDOWS\ie8updates 2009-03-31 23:41:47 ----A---- C:\WINDOWS\system32\ieencode.dll 2009-03-29 13:48:47 ----D---- C:\Documents and Settings\cedric\Application Data\TomTom 2009-03-29 13:48:40 ----D---- C:\Program Files\TomTom International B.V 2009-03-29 13:48:21 ----D---- C:\Program Files\TomTom HOME 2 2009-03-27 12:06:04 ----RSH---- C:\WINDOWS\system32\nbDX.dll 2009-03-27 12:06:04 ----RSH---- C:\WINDOWS\system32\msfDX.dll ======List of files/folders modified in the last 3 months====== 2009-06-20 01:26:54 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-06-18 14:27:58 ----A---- C:\WINDOWS\system.ini 2009-06-17 12:57:22 ----RASH---- C:\boot.ini 2009-06-16 13:18:50 ----A---- C:\WINDOWS\lexstat.ini 2009-06-15 12:11:38 ----A---- C:\WINDOWS\NeroDigital.ini 2009-06-01 18:51:12 ----A---- C:\WINDOWS\system32\MRT.exe 2009-05-11 21:51:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-05-07 17:43:40 ----A---- C:\WINDOWS\system32\localspl.dll 2009-05-02 19:10:04 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt 2009-05-01 10:15:56 ----A---- C:\WINDOWS\E220AutoRunLog.tmp 2009-04-29 13:23:20 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt 2009-04-29 06:52:40 ----A---- C:\WINDOWS\system32\mshtml.dll 2009-04-29 06:52:36 ----A---- C:\WINDOWS\system32\urlmon.dll 2009-04-29 06:52:36 ----A---- C:\WINDOWS\system32\browseui.dll 2009-04-29 06:52:34 ----A---- C:\WINDOWS\system32\wininet.dll 2009-04-29 06:52:34 ----A---- C:\WINDOWS\system32\shlwapi.dll 2009-04-29 06:52:34 ----A---- C:\WINDOWS\system32\shdocvw.dll 2009-04-29 06:52:34 ----A---- C:\WINDOWS\system32\pngfilt.dll 2009-04-29 06:52:34 ----A---- C:\WINDOWS\system32\mstime.dll 2009-04-29 06:52:34 ----A---- C:\WINDOWS\system32\mshtmled.dll 2009-04-29 06:52:34 ----A---- C:\WINDOWS\system32\jsproxy.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\msrating.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\inseng.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\iepeers.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\extmgr.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\Dxtrans.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\Dxtmsft.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\danim.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\cdfview.dll 2009-04-27 11:48:30 ----A---- C:\WINDOWS\system32\xpsp3res.dll 2009-04-15 17:17:18 ----A---- C:\WINDOWS\system32\rpcrt4.dll 2009-04-10 23:05:26 ----A---- C:\ASLog.txt 2009-03-21 16:20:10 ----A---- C:\WINDOWS\system32\kernel32.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2001-02-01 25244] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-06-18 75096] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248] R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2004-10-05 62799] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-11-16 21361] R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [] R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-09-02 13059] R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-08-27 12288] R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2004-09-10 84064] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-05 2284864] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-02-12 986624] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792] R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-09-02 1041536] R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-09-02 200064] R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2005-01-09 46592] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-12-22 186240] R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-01-08 51582] R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-01-17 98304] R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-09 36531] R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2004-11-16 50048] R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612] R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-22 34816] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 w29n51;Pilote de carte de connexion réseau Intel® PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2007-07-25 2210048] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-09-02 685056] R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2004-06-01 142464] S1 df21453a;df21453a; C:\WINDOWS\System32\drivers\df21453a.sys [] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848] S2 Nsynas32;Nsynas32; C:\WINDOWS\system32\drivers\Nsynas32.sys [2001-04-09 17784] S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128] S3 Asushwio;Asushwio; \??\C:\WINDOWS\system32\drivers\Asushwio.sys [] S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912] S3 AVCSTRM;AVC Streaming Filter Driver; C:\WINDOWS\system32\DRIVERS\avcstrm.sys [2004-08-03 13696] S3 camvid20;Philips ToUcam Camera; Video; C:\WINDOWS\system32\DRIVERS\camdrv21.sys [2001-08-17 223232] S3 catchme;catchme; \??\C:\DOCUME~1\cedric\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 CO_Mon;CO_Mon; \??\C:\WINDOWS\system32\Drivers\CO_Mon.sys [] S3 cxwibu;Team H2O WIBU Driver; \??\C:\Program Files\WIBUKEY\H2O\cxwibu.sys [] S3 EchoIndigoIO;Echo Indigo io Service; C:\WINDOWS\system32\drivers\echondgo.sys [2003-08-25 124160] S3 hdsp;RME Hammerfall Audio Device; C:\WINDOWS\system32\DRIVERS\hdsp.sys [] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-04-20 100992] S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2009-01-13 40840] S3 IKSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2009-01-13 66952] S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2009-01-13 81288] S3 LMASFltr;LMASFltr; C:\WINDOWS\system32\drivers\LMASFltr.sys [] S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-04-01 22016] S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [] S3 MMAUSB;M-Audio USB ASIO Driver; C:\WINDOWS\System32\Drivers\MMAUSB.SYS [] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360] S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328] S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016] S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\WINDOWS\system32\DRIVERS\mstape.sys [2004-08-03 49024] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-05 40320] S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-04-01 7072] S3 phil2vid;Appareil photo VGA USB Philips PCVC690; C:\WINDOWS\system32\DRIVERS\philcam2.sys [2001-08-17 173696] S3 PID_08A0;Labtec WebCam(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-04-01 913280] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2002-10-17 2851] S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2004-12-16 50048] S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800] S3 USB28xxBGA;Pinnacle PCTV DVB-T USB Stick; C:\WINDOWS\system32\DRIVERS\emBDA.sys [2005-11-22 209408] S3 USB28xxOEM;USB 28xx OEM Filter; C:\WINDOWS\system32\DRIVERS\emOEM.sys [2005-11-22 17792] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024] S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-04-10 104576] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\cedric\LOCALS~1\Temp\mc25.tmp [] S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 antivirscheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 antivirservice;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-02-12 344064] R2 AvidSDMService;Avid SDM Service; C:\WINDOWS\system32\AvidSDMService.exe [2003-05-01 57344] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-10-08 794624] R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-21 152984] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-10-08 483328] R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-10-08 1183744] R2 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] S2 AvidStartup;Avid Startup; C:\WINDOWS\system32\AvidStartup.exe [2003-07-02 241664] S2 gupdate1c985d81c5efe6c;Google Update Service (gupdate1c985d81c5efe6c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-03 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-08-07 68096] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-02 29744] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920] S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-01-13 1079176] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] S4 Aspmpusb;Aspmpusb; C:\WINDOWS\system32\drivers\msfs.sys [2004-08-05 19072] -----------------EOF-----------------
  2. realisateur
    Tout a l'air de rentrer dans l'ordre. J'ai quelques déreglements et messages d'alerte de windows aléatoires mais rien de grave. Voici l'analyse OTM: Error: Unable to interpret <:first> in the current context! ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== C:\WINDOWS\tasks\Norton Security Scan for cedric.job moved successfully. c:\program files\Norton Security Scan moved successfully. c:\program files\Fichiers communs\Symantec Shared\SymcData\virusdefs-2.5-e\20090604.002 moved successfully. c:\program files\Fichiers communs\Symantec Shared\SymcData\virusdefs-2.5-e\20090514.002 moved successfully. c:\program files\Fichiers communs\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub moved successfully. c:\program files\Fichiers communs\Symantec Shared\SymcData\virusdefs-2.5-e\incoming moved successfully. c:\program files\Fichiers communs\Symantec Shared\SymcData\virusdefs-2.5-e moved successfully. c:\program files\Fichiers communs\Symantec Shared\SymcData moved successfully. c:\program files\Fichiers communs\Symantec Shared\NSSSetup\{1E86581C-2858-4094-AB8B-D005EF96D4AC}_2_0_0 moved successfully. c:\program files\Fichiers communs\Symantec Shared\NSSSetup moved successfully. c:\program files\Fichiers communs\Symantec Shared moved successfully. C:\Combo-Fix moved successfully. C:\Recycled moved successfully. C:\ComboFix.txt moved successfully. C:\FOUND.043 moved successfully. C:\FOUND.042 moved successfully. C:\FOUND.041 moved successfully. C:\FOUND.040 moved successfully. C:\FOUND.039 moved successfully. File/Folder C:\WINDOWS\zip.exe not found. File/Folder C:\WINDOWS\SWXCACLS.exe not found. File/Folder C:\WINDOWS\SWSC.exe not found. File/Folder C:\WINDOWS\SWREG.exe not found. File/Folder C:\WINDOWS\sed.exe not found. File/Folder C:\WINDOWS\PEV.exe not found. File/Folder C:\WINDOWS\NIRCMD.exe not found. File/Folder C:\WINDOWS\grep.exe not found. File/Folder C:\WINDOWS\system32\CF6519.exe not found. ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}\\ deleted successfully. Registry key HKEY_CLASSES_ROOT\CLSID\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}\\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB3BDDEF-DCA7-42E7-AB80-B7A783938E26}\\ deleted successfully. Registry key HKEY_CLASSES_ROOT\CLSID\{FB3BDDEF-DCA7-42E7-AB80-B7A783938E26}\\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{158996E7-8E06-4119-8935-849CF71B46F9}\\ deleted successfully. Registry key HKEY_CLASSES_ROOT\CLSID\{158996E7-8E06-4119-8935-849CF71B46F9}\\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{363AE83D-6ECF-1E57-8F6E-032C8E9056F8}\\ deleted successfully. Registry key HKEY_CLASSES_ROOT\CLSID\{363AE83D-6ECF-1E57-8F6E-032C8E9056F8}\\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\\ deleted successfully. Registry key HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4C1FD760-D260-117C-2C4B-08A8CF2CF25E}\\ deleted successfully. Registry key HKEY_CLASSES_ROOT\CLSID\{4C1FD760-D260-117C-2C4B-08A8CF2CF25E}\\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\\ deleted successfully. Registry key HKEY_CLASSES_ROOT\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\\ not found. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\cedric\LOCALS~1\Temp\~DF5FB5.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\cedric\LOCALS~1\Temp\~DF5FC1.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\cedric\LOCALS~1\Temp\~DFFA21.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\cedric\LOCALS~1\Temp\~DF369E.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\cedric\LOCALS~1\Temp\~DF36D2.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\cedric\LOCALS~1\Temp\WCESLog.log scheduled to be deleted on reboot. User's Temp folder emptied. User's Internet Explorer cache folder emptied. File delete failed. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\IVLANLH0\CA25CFG3.htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\IVLANLH0\ban_728x90[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\IVLANLH0\http-successfullytoworknet-malware-t164447[1].html&pid=1393596&mode=threaded scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\8LABK9AV\CACHMLN0.fr scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\8LABK9AV\AP_ADV_300x250[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\KPAZSD2N\CA8X2BWX.htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\KPAZSD2N\iframe[4].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\W3CH9EBD\CA5KPKTF.htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\W3CH9EBD\AP_ADV_728x90[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\W3CH9EBD\hp[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. User's Temporary Internet Files folder emptied. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. Network Service Temp folder emptied. Network Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_470.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. FireFox cache emptied. Temp folders emptied. Explorer started successfully OTM by OldTimer - Version 2.1.0.1 log created on 06202009_005527 Files moved on Reboot... File C:\DOCUME~1\cedric\LOCALS~1\Temp\~DF5FB5.tmp not found! File C:\DOCUME~1\cedric\LOCALS~1\Temp\~DF5FC1.tmp not found! C:\DOCUME~1\cedric\LOCALS~1\Temp\~DFFA21.tmp moved successfully. File C:\DOCUME~1\cedric\LOCALS~1\Temp\~DF369E.tmp not found! File C:\DOCUME~1\cedric\LOCALS~1\Temp\~DF36D2.tmp not found! C:\DOCUME~1\cedric\LOCALS~1\Temp\WCESLog.log moved successfully. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\IVLANLH0\CA25CFG3.htm moved successfully. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\IVLANLH0\ban_728x90[1].htm moved successfully. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\IVLANLH0\http-successfullytoworknet-malware-t164447[1].html&pid=1393596&mode=threaded moved successfully. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\8LABK9AV\CACHMLN0.fr moved successfully. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\8LABK9AV\AP_ADV_300x250[1].htm moved successfully. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\KPAZSD2N\CA8X2BWX.htm moved successfully. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\KPAZSD2N\iframe[4].htm moved successfully. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\W3CH9EBD\CA5KPKTF.htm moved successfully. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\W3CH9EBD\AP_ADV_728x90[1].htm moved successfully. C:\Documents and Settings\cedric\Local Settings\Temporary Internet Files\Content.IE5\W3CH9EBD\hp[1].htm moved successfully. File C:\WINDOWS\temp\Perflib_Perfdata_470.dat not found! Registry entries deleted on Reboot... Fichier msfs.sys reçu le 2009.06.19 23:06:00 (UTC) Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE Résultat: 0/41 (0%) en train de charger les informations du serveur... Votre fichier est dans la file d'attente, en position: ___. L'heure estimée de démarrage est entre ___ et ___ . Ne fermez pas la fenêtre avant la fin de l'analyse. L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats. Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier. Votre fichier est, en ce moment, en cours d'analyse par VirusTotal, les résultats seront affichés au fur et à mesure de leur génération. Formaté Impression des résultats Votre fichier a expiré ou n'existe pas. Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie. Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée. Email: Antivirus Version Dernière mise à jour Résultat a-squared 4.5.0.18 2009.06.19 - AhnLab-V3 5.0.0.2 2009.06.19 - AntiVir 7.9.0.193 2009.06.19 - Antiy-AVL 2.0.3.1 2009.06.19 - Authentium 5.1.2.4 2009.06.19 - Avast 4.8.1335.0 2009.06.19 - AVG 8.5.0.339 2009.06.19 - BitDefender 7.2 2009.06.20 - CAT-QuickHeal 10.00 2009.06.19 - ClamAV 0.94.1 2009.06.19 - Comodo 1374 2009.06.19 - DrWeb 5.0.0.12182 2009.06.20 - eSafe 7.0.17.0 2009.06.18 - eTrust-Vet 31.6.6570 2009.06.19 - F-Prot 4.4.4.56 2009.06.19 - F-Secure 8.0.14470.0 2009.06.19 - Fortinet 3.117.0.0 2009.06.19 - GData 19 2009.06.20 - Ikarus T3.1.1.59.0 2009.06.19 - Jiangmin 11.0.706 2009.06.19 - K7AntiVirus 7.10.768 2009.06.19 - Kaspersky 7.0.0.125 2009.06.20 - McAfee 5651 2009.06.19 - McAfee+Artemis 5651 2009.06.19 - McAfee-GW-Edition 6.7.6 2009.06.19 - Microsoft 1.4803 2009.06.20 - NOD32 4172 2009.06.19 - Norman 6.01.09 2009.06.19 - nProtect 2009.1.8.0 2009.06.19 - Panda 10.0.0.16 2009.06.19 - PCTools 4.4.2.0 2009.06.19 - Prevx 3.0 2009.06.20 - Rising 21.34.44.00 2009.06.19 - Sophos 4.42.0 2009.06.19 - Sunbelt 3.2.1858.2 2009.06.20 - Symantec 1.4.4.12 2009.06.20 - TheHacker 6.3.4.3.348 2009.06.19 - TrendMicro 8.950.0.1094 2009.06.19 - VBA32 3.12.10.7 2009.06.19 - ViRobot 2009.6.19.1796 2009.06.19 - VirusBuster 4.6.5.0 2009.06.19 - Information additionnelle File size: 19072 bytes MD5...: 561b3a4333ca2dbdba28b5b956822519 SHA1..: 7a4ce956bfe7e9b29dfa9572a01de8ec22ee00d6 SHA256: 5b53906a29b9aa55a399f880ca989f9878bd943d3e97fb10a25bfd723654af49 ssdeep: 384:NKn7yHbBnrY3qcFXi2hOIGElTEmOUFo7EphffyJlxlXn7np5+NMvWN8mPWqH :G6bBrYaGy2FGEKmXjpJuRXCNMPm PEiD..: - TrID..: File type identification Win32 Executable Generic (68.0%) Generic Win/DOS Executable (15.9%) DOS Executable Generic (15.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x3bed timedatestamp.....: 0x41107b85 (Wed Aug 04 06:00:37 2004) machinetype.......: 0x14c (I386) ( 7 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x300 0x36c 0x380 5.89 4fce3dd40ef6360dbfd4798bb6110599 .rdata 0x680 0x2a4 0x300 3.22 aa69eb23c82b54fcedc673046f331b7f .data 0x980 0x20 0x80 0.69 786e7c02947e1df5194548183a86b3c0 PAGE 0xa00 0x2ead 0x2f00 6.22 35f97fd2ee518a5e711c54f87660bc71 INIT 0x3900 0x9f6 0xa00 5.88 81e7974dd33a245ea7922fd1a0814cda .rsrc 0x4300 0x3e0 0x400 3.34 c07ded49aebf3df6e3742186c2a2ff81 .reloc 0x4700 0x36e 0x380 5.89 21f5bbe3b8fcc06d27737f20b62c3e05 ( 2 imports ) > ntoskrnl.exe: ExFreePoolWithTag, IoFreeWorkItem, KeCancelTimer, IofCompleteRequest, _except_handler3, KeLeaveCriticalRegion, KeEnterCriticalRegion, IoCheckShareAccess, SeUnlockSubjectContext, SeOpenObjectAuditAlarm, RtlInitUnicodeString, SeFreePrivileges, SeAppendPrivileges, SeAccessCheck, IoGetFileObjectGenericMapping, SeLockSubjectContext, ExAcquireResourceSharedLite, KeQuerySystemTime, IoSetShareAccess, SeAssignSecurity, FsRtlLegalAnsiCharacterArray, IoGetRequestorProcess, ObfReferenceObject, PsChargeProcessPagedPoolQuota, ObfDereferenceObject, PsReturnProcessPagedPoolQuota, IoReleaseCancelSpinLock, KeSetTimer, ExAcquireResourceExclusiveLite, ExAllocatePoolWithTag, MmMapLockedPages, KeBugCheck, FsRtlIsNameInExpression, IoQueueWorkItem, ProbeForRead, ProbeForWrite, ExInitializeResourceLite, ExDeleteResourceLite, IoDeleteDevice, IoDeleteSymbolicLink, IoCreateDevice, MmPageEntireDriver, RtlFindUnicodePrefix, KeInitializeDpc, KeInitializeTimer, IoAllocateWorkItem, KeBugCheckEx, SeQuerySecurityDescriptorInfo, SeSetSecurityDescriptorInfo, RtlInitializeUnicodePrefix, RtlInsertUnicodePrefix, KeInitializeSpinLock, RtlRemoveUnicodePrefix, MmResetDriverPaging, SeDeassignSecurity, KeTickCount, ExReleaseResourceLite, ExAllocatePoolWithQuotaTag, IoRemoveShareAccess > HAL.dll: KfReleaseSpinLock, KfAcquireSpinLock ( 0 exports ) PDFiD.: - RDS...: NSRL Reference Data Set ( Microsoft ) > MSDN Disc 2443.2: msfs.sys > MSDN Disc 2443.4: msfs.sys > MSDN Disc 2440.5: msfs.sys > Operating System Reinstallation CD Microsoft Windows XP Professional Service Pack 2: msfs.sys > MSDN Disc 2440.3: msfs.sys > MSDN Disc 2466.2: msfs.sys > Virtual PC for Mac Windows XP Home Edition: msfs.sys > MSDN Disc 2441.6: msfs.sys > MSDN Disc 2441.7: msfs.sys > MSDN Disc 2466.4: msfs.sys > MSDN Disc 2476.4: msfs.sys > MSDN Disc 2455.6: msfs.sys > MSDN Disc 2476.2: msfs.sys > Disc 2438.5: msfs.sys > MSDN Disc 2440.4: msfs.sys > MSDN Disc 2444.3: msfs.sys > MSDN Disc 2444.6: msfs.sys > MSDN Disc 2444.4: msfs.sys > MSDN Disc 2438.7: msfs.sys > MSDN Disc 2477.2: msfs.sys > MSDN Disc 2439.7: msfs.sys > MSDN Disc 2439.6: msfs.sys > MSDN Disc 2442.4: msfs.sys > MSDN Disc 2442.6: msfs.sys > MSDN Disc 2438.8: msfs.sys > MSDN Disc 2465.4: msfs.sys > MSDN Disc 2465.5: msfs.sys > MSDN Disc 2464.5: msfs.sys > MSDN Disc 2428.4: msfs.sys > MSDN Disc 2439.8: msfs.sys > MSDN Disc 2428.8: msfs.sys > Virtual PC for Mac Windows XP Professional Edition: msfs.sys > MSDN Disc 2428.5: msfs.sys > MSDN Disc 2441.5: msfs.sys ( Gateway ) > Gateway Operating System Windows XP Pro Edition SP2: MSFS.SYS,msfs.sys packers (Kaspersky): PE_Patch ATTENTION: VirusTotal est un service gratuit offert par Hispasec Sistemas. Il n'y a aucune garantie quant à la disponibilité et la continuité de ce service. Bien que le taux de détection permis par l'utilisation de multiples moteurs antivirus soit bien supérieur à celui offert par seulement un produit, ces résultats NE garantissent PAS qu'un fichier est sans danger. Il n'y a actuellement aucune solution qui offre un taux d'efficacité de 100% pour la détection des virus et malwares.
  3. realisateur
    Thanos, merci ! Ca a l'air de fonctionner bcp mieux Voici le log JavaRa : JavaRa 1.14 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Thu Jun 18 23:23:54 2009 Found and removed: C:\Program Files\Java\jre1.5.0_11 Found and removed: C:\WINDOWS\system32\plugincpl130_02.cpl Found and removed: SOFTWARE\Classes\JavaSoft.JavaBeansBridge Found and removed: SOFTWARE\Classes\JavaSoft.JavaBeansBridge.1 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\javaw.Exe Found and removed: Software\JavaSoft\Java2D\1.5.0_11 Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511001 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511001 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D511001 Found and removed: SOFTWARE\Classes\JavaPlugin.150_11 Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_11 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_11 Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D511001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D511001 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150110} Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_11 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\JRE 1.3.0_02 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB} Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_11\ Found and removed: C:\Program Files\JavaSoft ------------------------------------ Finished reporting. et voici le log de RSIT Logfile of random's system information tool 1.06 (written by random/random) Run by cedric at 2009-06-18 23:25:55 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 8 GB (18%) free of 45 GB Total RAM: 1023 MB (42% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:26:03, on 18/06/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\AvidSDMService.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\ATK0100\HControl.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\ASUS\Wireless Console\wcourier.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\WengoPhone\qtwengophone.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\PROGRA~1\MICROS~4\rapimgr.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Documents and Settings\cedric\Bureau\RSIT.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\trend micro\cedric.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {158996E7-8E06-4119-8935-849CF71B46F9} - (no file) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {363AE83D-6ECF-1E57-8F6E-032C8E9056F8} - (no file) O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: (no name) - {4C1FD760-D260-117C-2C4B-08A8CF2CF25E} - (no file) O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Google Dictionary Compression sdch - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: (no name) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - (no file) O2 - BHO: (no name) - {FB3BDDEF-DCA7-42E7-AB80-B7A783938E26} - (no file) O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1 O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [WengoPhoneNG] C:\Program Files\WengoPhone\qtwengophone.exe -b O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Video URL Extractor - {F6E600B5-48EA-421A-AF6A-61948BB737F3} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Video URL Extractor... - {F6E600B5-48EA-421A-AF6A-61948BB737F3} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} - O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.ipernity.com/E/Applets/Uploader...oader4.cab?v4.7 O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (antivirscheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (antivirservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\WINDOWS\system32\AvidSDMService.exe O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINDOWS\system32\AvidStartup.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate1c985d81c5efe6c) (gupdate1c985d81c5efe6c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe -- End of file - 15151 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\WGASetup.job C:\WINDOWS\tasks\Norton Security Scan for cedric.job C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1043688568-3843691352-3439686833-1004.job C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{158996E7-8E06-4119-8935-849CF71B46F9}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-09-28 308832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{363AE83D-6ECF-1E57-8F6E-032C8E9056F8}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4C1FD760-D260-117C-2C4B-08A8CF2CF25E}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}] Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2007-07-31 1933256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa58ed58-01dd-4d91-8333-cf10577473f7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-15 259696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}] IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2007-08-16 110592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c84d72fe-e17d-4195-bb24-76c02e2e7c4e}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-03 470512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-21 41368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}] FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2005-05-04 191096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-21 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB3BDDEF-DCA7-42E7-AB80-B7A783938E26}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2007-07-31 1933256] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-15 259696] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-04-12 102400] "ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2003-09-19 172032] "Wireless Console"=C:\Program Files\ASUS\Wireless Console\wcourier.exe [2005-03-02 57344] "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-12-22 98394] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-12-22 688218] "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-02-12 339968] "Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2004-09-21 81920] "H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-05-11 200069] "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-11-05 73728] "TomTomHOME.exe"=C:\Program Files\TomTom HOME\TomTomHOME.exe [2007-03-14 3770024] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-02 29744] "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-10-08 995328] "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-10-08 1101824] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-12-03 282624] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-09-28 185872] "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-01-19 221184] "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-01-19 458752] "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-19 217088] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-21 148888] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-13 68856] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-02-12 21898024] "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672] "WengoPhoneNG"=C:\Program Files\WengoPhone\qtwengophone.exe [2006-12-11 6254592] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-02 29744] "H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360] "Google Update"=C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-12 133104] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-08 251240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] C:\WINDOWS\SOUNDMAN.EXE [2004-11-05 73728] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-02-12 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-05 240128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger" "C:\Program Files\FlashFXP\flashfxp.exe"="C:\Program Files\FlashFXP\flashfxp.exe:*:Enabled:FlashFXP v3" "C:\Program Files\ASUS\ASUS Live Update\LiveUpdt.exe"="C:\Program Files\ASUS\ASUS Live Update\LiveUpdt.exe:*:Enabled:LiveUpdt" "C:\Program Files\WengoPhone\qtwengophone.exe"="C:\Program Files\WengoPhone\qtwengophone.exe:*:Enabled:WengoPhone" "C:\Program Files\Resolume-2-2\resolume.exe"="C:\Program Files\Resolume-2-2\resolume.exe:*:Enabled:Resolume 2.2" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin" "C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. The whole world can talk for free." [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\FlashFXP\flashfxp.exe"="C:\Program Files\FlashFXP\flashfxp.exe:*:Enabled:FlashFXP v3" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" ======File associations====== .js - open - ======List of files/folders created in the last 3 months====== 2009-06-18 23:23:22 ----A---- C:\WINDOWS\system32\javaws.exe 2009-06-18 23:23:22 ----A---- C:\WINDOWS\system32\javaw.exe 2009-06-18 23:23:22 ----A---- C:\WINDOWS\system32\java.exe 2009-06-18 23:00:26 ----SD---- C:\Combo-Fix 2009-06-18 18:54:39 ----SHD---- C:\Recycled 2009-06-18 14:33:43 ----A---- C:\ComboFix.txt 2009-06-18 14:22:55 ----D---- C:\WINDOWS\temp 2009-06-18 08:51:12 ----A---- C:\WINDOWS\ntbtlog.txt 2009-06-18 08:42:22 ----D---- C:\Documents and Settings\cedric\Application Data\Malwarebytes 2009-06-18 08:42:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-06-18 08:42:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-06-18 00:49:01 ----D---- C:\Program Files\Avira 2009-06-18 00:49:01 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-06-17 12:57:20 ----A---- C:\Boot.bak 2009-06-17 12:57:16 ----RASHD---- C:\cmdcons 2009-06-17 12:54:19 ----D---- C:\WINDOWS\ERDNT 2009-06-17 11:18:11 ----D---- C:\Program Files\trend micro 2009-06-17 11:18:10 ----D---- C:\rsit 2009-06-15 17:19:17 ----D---- C:\Documents and Settings\cedric\Application Data\AVS4YOU 2009-06-15 17:19:10 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU 2009-06-15 17:13:59 ----D---- C:\Program Files\Fichiers communs\AVSMedia 2009-06-15 17:13:59 ----D---- C:\Program Files\AVS4YOU 2009-06-11 00:01:03 ----HD---- C:\WINDOWS\$NtUninstallKB961501$ 2009-06-11 00:00:46 ----HD---- C:\WINDOWS\$NtUninstallKB969897$ 2009-06-11 00:00:38 ----HD---- C:\WINDOWS\$NtUninstallKB969898$ 2009-06-10 23:59:04 ----HD---- C:\WINDOWS\$NtUninstallKB970238$ 2009-06-10 23:59:00 ----A---- C:\WINDOWS\imsins.BAK 2009-06-10 23:58:55 ----HD---- C:\WINDOWS\$NtUninstallKB968537$ 2009-05-29 09:13:49 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-05-18 13:45:38 ----SHD---- C:\FOUND.043 2009-05-04 18:20:44 ----D---- C:\Program Files\Fichiers communs\Symantec Shared 2009-05-04 18:20:42 ----D---- C:\Program Files\Norton Security Scan 2009-04-29 14:31:20 ----SHD---- C:\FOUND.042 2009-04-22 11:06:02 ----D---- C:\Documents and Settings\cedric\Application Data\avidemux 2009-04-22 11:05:45 ----D---- C:\Program Files\Avidemux 2.4 2009-04-20 14:27:28 ----SHD---- C:\FOUND.041 2009-04-16 00:56:14 ----HD---- C:\WINDOWS\$NtUninstallKB959426$ 2009-04-16 00:56:09 ----HD---- C:\WINDOWS\$NtUninstallKB961373$ 2009-04-16 00:54:06 ----HD---- C:\WINDOWS\$NtUninstallKB956572$ 2009-04-16 00:53:55 ----HD---- C:\WINDOWS\$NtUninstallKB952004$ 2009-04-16 00:53:50 ----HD---- C:\WINDOWS\$NtUninstallKB960803$ 2009-04-16 00:53:32 ----HD---- C:\WINDOWS\$NtUninstallKB963027$ 2009-04-16 00:53:23 ----HD---- C:\WINDOWS\$NtUninstallKB923561$ 2009-04-14 01:54:44 ----D---- C:\WINDOWS\system32\KB905474 2009-04-13 19:14:40 ----SHD---- C:\FOUND.040 2009-04-13 12:49:00 ----SHD---- C:\FOUND.039 2009-04-02 10:11:48 ----D---- C:\OMFI MediaFiles 2009-03-31 23:45:03 ----D---- C:\WINDOWS\ie8updates 2009-03-31 23:41:47 ----A---- C:\WINDOWS\system32\ieencode.dll 2009-03-29 13:48:47 ----D---- C:\Documents and Settings\cedric\Application Data\TomTom 2009-03-29 13:48:40 ----D---- C:\Program Files\TomTom International B.V 2009-03-29 13:48:21 ----D---- C:\Program Files\TomTom HOME 2 2009-03-27 12:06:04 ----RSH---- C:\WINDOWS\system32\nbDX.dll 2009-03-27 12:06:04 ----RSH---- C:\WINDOWS\system32\msfDX.dll ======List of files/folders modified in the last 3 months====== 2009-06-18 23:03:26 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-06-18 14:27:58 ----A---- C:\WINDOWS\system.ini 2009-06-17 12:57:22 ----RASH---- C:\boot.ini 2009-06-16 13:18:50 ----A---- C:\WINDOWS\lexstat.ini 2009-06-15 12:11:38 ----A---- C:\WINDOWS\NeroDigital.ini 2009-06-01 18:51:12 ----A---- C:\WINDOWS\system32\MRT.exe 2009-05-11 21:51:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-05-07 17:43:40 ----A---- C:\WINDOWS\system32\localspl.dll 2009-05-02 19:10:04 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt 2009-05-01 10:15:56 ----A---- C:\WINDOWS\E220AutoRunLog.tmp 2009-04-29 13:23:20 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt 2009-04-29 06:52:40 ----A---- C:\WINDOWS\system32\mshtml.dll 2009-04-29 06:52:36 ----A---- C:\WINDOWS\system32\urlmon.dll 2009-04-29 06:52:36 ----A---- C:\WINDOWS\system32\browseui.dll 2009-04-29 06:52:34 ----A---- C:\WINDOWS\system32\wininet.dll 2009-04-29 06:52:34 ----A---- C:\WINDOWS\system32\shlwapi.dll 2009-04-29 06:52:34 ----A---- C:\WINDOWS\system32\shdocvw.dll 2009-04-29 06:52:34 ----A---- C:\WINDOWS\system32\pngfilt.dll 2009-04-29 06:52:34 ----A---- C:\WINDOWS\system32\mstime.dll 2009-04-29 06:52:34 ----A---- C:\WINDOWS\system32\mshtmled.dll 2009-04-29 06:52:34 ----A---- C:\WINDOWS\system32\jsproxy.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\msrating.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\inseng.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\iepeers.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\extmgr.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\Dxtrans.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\Dxtmsft.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\danim.dll 2009-04-29 06:52:32 ----A---- C:\WINDOWS\system32\cdfview.dll 2009-04-27 11:48:30 ----A---- C:\WINDOWS\system32\xpsp3res.dll 2009-04-15 17:17:18 ----A---- C:\WINDOWS\system32\rpcrt4.dll 2009-04-10 23:05:26 ----A---- C:\ASLog.txt 2009-03-21 16:20:10 ----A---- C:\WINDOWS\system32\kernel32.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2001-02-01 25244] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-06-18 75096] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248] R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2004-10-05 62799] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-11-16 21361] R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [] R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-09-02 13059] R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-08-27 12288] R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2004-09-10 84064] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-05 2284864] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-02-12 986624] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792] R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-09-02 1041536] R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-09-02 200064] R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2005-01-09 46592] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-12-22 186240] R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-01-08 51582] R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-01-17 98304] R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-09 36531] R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2004-11-16 50048] R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612] R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-22 34816] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 w29n51;Pilote de carte de connexion réseau Intel® PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2007-07-25 2210048] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-09-02 685056] R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2004-06-01 142464] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848] S2 Nsynas32;Nsynas32; C:\WINDOWS\system32\drivers\Nsynas32.sys [2001-04-09 17784] S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128] S3 Asushwio;Asushwio; \??\C:\WINDOWS\system32\drivers\Asushwio.sys [] S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912] S3 AVCSTRM;AVC Streaming Filter Driver; C:\WINDOWS\system32\DRIVERS\avcstrm.sys [2004-08-03 13696] S3 camvid20;Philips ToUcam Camera; Video; C:\WINDOWS\system32\DRIVERS\camdrv21.sys [2001-08-17 223232] S3 catchme;catchme; \??\C:\DOCUME~1\cedric\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 CO_Mon;CO_Mon; \??\C:\WINDOWS\system32\Drivers\CO_Mon.sys [] S3 cxwibu;Team H2O WIBU Driver; \??\C:\Program Files\WIBUKEY\H2O\cxwibu.sys [] S3 EchoIndigoIO;Echo Indigo io Service; C:\WINDOWS\system32\drivers\echondgo.sys [2003-08-25 124160] S3 hdsp;RME Hammerfall Audio Device; C:\WINDOWS\system32\DRIVERS\hdsp.sys [] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-04-20 100992] S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2009-01-13 40840] S3 IKSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2009-01-13 66952] S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2009-01-13 81288] S3 LMASFltr;LMASFltr; C:\WINDOWS\system32\drivers\LMASFltr.sys [] S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-04-01 22016] S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [] S3 MMAUSB;M-Audio USB ASIO Driver; C:\WINDOWS\System32\Drivers\MMAUSB.SYS [] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360] S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328] S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016] S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\WINDOWS\system32\DRIVERS\mstape.sys [2004-08-03 49024] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-05 40320] S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-04-01 7072] S3 phil2vid;Appareil photo VGA USB Philips PCVC690; C:\WINDOWS\system32\DRIVERS\philcam2.sys [2001-08-17 173696] S3 PID_08A0;Labtec WebCam(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-04-01 913280] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2002-10-17 2851] S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2004-12-16 50048] S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800] S3 USB28xxBGA;Pinnacle PCTV DVB-T USB Stick; C:\WINDOWS\system32\DRIVERS\emBDA.sys [2005-11-22 209408] S3 USB28xxOEM;USB 28xx OEM Filter; C:\WINDOWS\system32\DRIVERS\emOEM.sys [2005-11-22 17792] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024] S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-04-10 104576] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\cedric\LOCALS~1\Temp\mc25.tmp [] S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 antivirscheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 antivirservice;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-02-12 344064] R2 AvidSDMService;Avid SDM Service; C:\WINDOWS\system32\AvidSDMService.exe [2003-05-01 57344] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-10-08 794624] R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-21 152984] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-10-08 483328] R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-10-08 1183744] R2 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] S2 AvidStartup;Avid Startup; C:\WINDOWS\system32\AvidStartup.exe [2003-07-02 241664] S2 gupdate1c985d81c5efe6c;Google Update Service (gupdate1c985d81c5efe6c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-03 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-08-07 68096] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-02 29744] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920] S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-01-13 1079176] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] S4 Aspmpusb;Aspmpusb; C:\WINDOWS\system32\drivers\msfs.sys [2004-08-05 19072] -----------------EOF-----------------
  4. realisateur
    Et voici le rapport AntiVir : Avira AntiVir Personal Date de création du fichier de rapport : jeudi 18 juin 2009 14:37 La recherche porte sur 1468438 souches de virus. Détenteur de la licence :Avira AntiVir PersonalEdition Classic Numéro de série : 0000149996-ADJIE-0001 Plateforme : Windows XP Version de Windows :(Service Pack 2) [5.1.2600] Mode Boot : Mode sans échec Identifiant : cedric Nom de l'ordinateur :LIVE Informations de version : BUILD.DAT : 8.2.0.61 17752 Bytes 25/05/2009 13:47:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 07:21:02 AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 12:44:28 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 11:44:18 LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 06:30:28 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:30:38 ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 23:20:06 ANTIVIR2.VDF : 7.1.4.87 2982912 Bytes 12/06/2009 23:20:18 ANTIVIR3.VDF : 7.1.4.107 73728 Bytes 17/06/2009 23:20:20 Version du moteur: 8.2.0.191 AEVDF.DLL : 8.1.1.1 106868 Bytes 17/06/2009 23:20:36 AESCRIPT.DLL : 8.1.2.9 409978 Bytes 17/06/2009 23:20:34 AESCN.DLL : 8.1.2.3 127347 Bytes 17/06/2009 23:20:34 AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 12:58:40 AEPACK.DLL : 8.1.3.18 401783 Bytes 17/06/2009 23:20:32 AEOFFICE.DLL : 8.1.0.38 196987 Bytes 17/06/2009 23:20:30 AEHEUR.DLL : 8.1.0.133 1798520 Bytes 17/06/2009 23:20:30 AEHELP.DLL : 8.1.3.6 205174 Bytes 17/06/2009 23:20:26 AEGEN.DLL : 8.1.1.45 348532 Bytes 17/06/2009 23:20:24 AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 09:05:58 AECORE.DLL : 8.1.6.12 180599 Bytes 17/06/2009 23:20:22 AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 09:05:58 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 07:40:04 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 08:28:00 AVREP.DLL : 8.0.0.3 155688 Bytes 17/06/2009 23:20:20 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 10:26:38 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 07:29:20 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 11:27:48 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 16:28:04 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 11:49:38 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 11:05:08 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 06:23:18 RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 09:08:44 Configuration pour la recherche actuelle : Nom de la tâche..................: Contrôle intégral du système Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp Documentation....................: bas Action principale................: interactif Action secondaire................: ignorer Recherche sur les secteurs d'amorçage maître: marche Recherche sur les secteurs d'amorçage: marche Secteurs d'amorçage..............: C:, D:, Recherche dans les programmes actifs: marche Recherche en cours sur l'enregistrement: marche Recherche de Rootkits............: marche Fichier mode de recherche........: Tous les fichiers Recherche sur les archives.......: marche Limiter la profondeur de récursivité: 20 Archive Smart Extensions.........: marche Types d'archives divergents......: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Heuristique de macrovirus........: marche Heuristique fichier..............: moyen Catégories de dangers divergentes: +APPL,+GAME,+JOKE,+PCK,+SPR, Début de la recherche : jeudi 18 juin 2009 14:37 La recherche d'objets cachés commence. Impossible d'initialiser le pilote. La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'Explorer.EXE' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '11' processus ont été contrôlés avec '11' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'D:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence. Le registre a été contrôlé ( '74' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\WINDOWS\system32\drivers\sptd.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\System Volume Information\_restore{28B1478C-A929-432D-B839-87374FE3AB90}\RP512\A0229602.exe [RESULTAT] Contient le modèle de détection du programme SPR/Tool.Hardoff.A [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a6c560b.qua' ! C:\System Volume Information\_restore{28B1478C-A929-432D-B839-87374FE3AB90}\RP512\A0229716.sys [RESULTAT] Contient le modèle de détection du rootkit RKIT/Agent.102206 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a6c5616.qua' ! Recherche débutant dans 'D:\' Fin de la recherche : jeudi 18 juin 2009 17:05 Temps nécessaire: 2:27:50 Heure(s) La recherche a été effectuée intégralement 10713 Les répertoires ont été contrôlés 315793 Des fichiers ont été contrôlés 2 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 2 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 2 Impossible de contrôler des fichiers 315789 Fichiers non infectés 7761 Les archives ont été contrôlées 2 Avertissements 2 Consignes
  5. realisateur
    Thanos, Je ne sais pas si on avance mais je te suis les yeux fermés. J'ai qd même l'impression que ca commence à aller mieux. Pour autant tu m'as demandé d'effacer le dossier Qoobox, ce que j'ai fais 2 fois et il réapparait à chaque fois. Voici le rapport Combofix: En tous cas, merci ! ComboFix 09-06-16.05 - cedric 18/06/2009 14:17.3 - FAT32x86 MINIMAL Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1023.816 [GMT 2:00] Lancé depuis: c:\documents and settings\cedric\Bureau\Combo-Fix.exe Commutateurs utilisés :: c:\documents and settings\cedric\Bureau\CFScript.txt AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FILE :: "c:\program files\driver\driver.sys" "c:\windows\jmmark2.dat" "c:\windows\system32\drivers\75bb293c.sys" . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\FOUND.044 C:\FOUND.045 C:\FOUND.046 c:\program files\driver c:\found.044\FILE0000.CHK c:\found.044\FILE0001.CHK c:\found.044\FILE0002.CHK c:\found.044\FILE0003.CHK c:\found.044\FILE0004.CHK c:\found.044\FILE0005.CHK c:\found.044\FILE0006.CHK c:\found.044\FILE0007.CHK c:\found.044\FILE0008.CHK c:\found.044\FILE0009.CHK c:\found.044\FILE0010.CHK c:\found.044\FILE0011.CHK c:\found.044\FILE0012.CHK c:\found.044\FILE0013.CHK c:\found.044\FILE0014.CHK c:\found.044\FILE0015.CHK c:\found.044\FILE0016.CHK c:\found.044\FILE0017.CHK c:\found.044\FILE0018.CHK c:\found.044\FILE0019.CHK c:\found.044\FILE0020.CHK c:\found.044\FILE0021.CHK c:\found.044\FILE0022.CHK c:\found.044\FILE0023.CHK c:\found.044\FILE0024.CHK c:\found.044\FILE0025.CHK c:\found.044\FILE0026.CHK c:\found.044\FILE0027.CHK c:\found.044\FILE0028.CHK c:\found.044\FILE0029.CHK c:\found.044\FILE0030.CHK c:\found.044\FILE0031.CHK c:\found.044\FILE0032.CHK c:\found.044\FILE0033.CHK c:\found.044\FILE0034.CHK c:\found.044\FILE0035.CHK c:\found.044\FILE0036.CHK c:\found.044\FILE0037.CHK c:\found.044\FILE0038.CHK c:\found.045\FILE0000.CHK c:\found.045\FILE0001.CHK c:\found.045\FILE0002.CHK c:\found.045\FILE0003.CHK c:\found.045\FILE0004.CHK c:\found.045\FILE0005.CHK c:\found.045\FILE0006.CHK c:\found.045\FILE0007.CHK c:\found.045\FILE0008.CHK c:\found.045\FILE0009.CHK c:\found.045\FILE0010.CHK c:\found.045\FILE0011.CHK c:\found.045\FILE0012.CHK c:\found.045\FILE0013.CHK c:\found.045\FILE0014.CHK c:\found.045\FILE0015.CHK c:\found.045\FILE0016.CHK c:\found.045\FILE0017.CHK c:\found.045\FILE0018.CHK c:\found.045\FILE0019.CHK c:\found.046\FILE0000.CHK c:\found.046\FILE0001.CHK c:\found.046\FILE0002.CHK c:\found.046\FILE0003.CHK c:\found.046\FILE0004.CHK c:\windows\jmmark2.dat c:\windows\system32\drivers\75bb293c.sys . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_DRIVERDRV -------\Service_PDIDRV ((((((((((((((((((((((((((((( Fichiers créés du 2009-05-18 au 2009-06-18 )))))))))))))))))))))))))))))))))))) . 2009-06-18 07:05 . 2004-08-05 12:00 2944 ----a-w- c:\windows\system32\drivers\null.sys 2009-06-18 06:42 . 2009-06-18 06:42 -------- d-----w- c:\documents and settings\cedric\Application Data\Malwarebytes 2009-06-18 06:42 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-18 06:42 . 2009-06-18 06:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-06-18 06:42 . 2009-06-18 06:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-06-18 06:42 . 2009-06-17 09:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-06-17 22:49 . 2008-05-09 10:15 45376 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2009-06-17 22:49 . 2008-01-21 15:11 22336 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2009-06-17 22:49 . 2009-06-17 23:20 75096 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-06-17 22:49 . 2009-06-17 22:49 -------- d-----w- c:\program files\Avira 2009-06-17 22:49 . 2009-06-17 22:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2009-06-17 09:18 . 2009-06-17 09:18 -------- d-----w- c:\program files\trend micro 2009-06-17 09:18 . 2009-06-17 09:18 -------- d-----w- C:\rsit 2009-06-15 15:19 . 2009-06-15 15:19 -------- d-----w- c:\documents and settings\cedric\Application Data\AVS4YOU 2009-06-15 15:19 . 2009-06-15 15:19 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU 2009-06-15 15:13 . 2009-06-15 15:14 -------- d-----w- c:\program files\Fichiers communs\AVSMedia 2009-06-15 15:13 . 2009-06-15 15:14 -------- d-----w- c:\program files\AVS4YOU 2009-05-29 07:13 . 2009-05-29 07:13 410984 ----a-w- c:\windows\system32\deploytk.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-29 07:13 . 2009-04-13 15:09 152576 ----a-w- c:\documents and settings\cedric\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-05-11 19:51 . 2004-09-20 16:47 77906 ----a-w- c:\windows\system32\perfc00C.dat 2009-05-11 19:51 . 2004-09-20 16:47 474520 ----a-w- c:\windows\system32\perfh00C.dat 2009-05-07 15:43 . 2004-09-20 16:46 347136 ----a-w- c:\windows\system32\localspl.dll 2009-05-04 16:20 . 2009-05-04 16:20 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared 2009-05-04 16:20 . 2009-05-04 16:20 -------- d-----w- c:\program files\Norton Security Scan 2009-05-01 08:15 . 2007-11-23 08:42 204643 ----a-w- c:\windows\E220AutoRunLog.tmp 2009-04-29 04:52 . 2004-09-20 16:46 663552 ----a-w- c:\windows\system32\wininet.dll 2009-04-29 04:52 . 2009-03-31 21:41 81920 ----a-w- c:\windows\system32\ieencode.dll 2009-04-22 09:06 . 2009-04-22 09:06 -------- d-----w- c:\documents and settings\cedric\Application Data\avidemux 2009-04-22 09:05 . 2009-04-22 09:05 -------- d-----w- c:\program files\Avidemux 2.4 2009-04-19 20:09 . 2004-09-20 16:46 1846784 ----a-w- c:\windows\system32\win32k.sys 2009-04-15 15:17 . 2004-09-20 16:46 584192 ----a-w- c:\windows\system32\rpcrt4.dll 2009-03-24 16:33 . 2009-03-24 16:33 237264 ----a-w- c:\documents and settings\cedric\Application Data\Mozilla\plugins\npgoogletalk.dll 2008-08-02 11:51 . 2008-08-02 11:29 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll 2006-05-03 09:06 . 2007-03-12 20:38 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 10:47 . 2009-03-27 10:06 31232 --sh--r- c:\windows\system32\msfDX.dll 2008-03-16 12:30 . 2009-03-27 10:06 216064 --sh--r- c:\windows\system32\nbDX.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-13 68856] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-02-12 21898024] "SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2006-07-07 1052672] "WengoPhoneNG"="c:\program files\WengoPhone\qtwengophone.exe" [2006-12-11 6254592] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-02 29744] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360] "Google Update"="c:\documents and settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-11-12 133104] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-04-08 251240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HControl"="c:\windows\ATK0100\HControl.exe" [2005-04-12 102400] "ASUS Live Update"="c:\program files\ASUS\ASUS Live Update\ALU.exe" [2003-09-19 172032] "Wireless Console"="c:\program files\ASUS\Wireless Console\wcourier.exe" [2005-03-02 57344] "SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-12-21 98394] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-12-21 688218] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-02-12 339968] "Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2004-09-21 81920] "H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-05-11 200069] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-29 148888] "TomTomHOME.exe"="c:\program files\TomTom HOME\TomTomHOME.exe" [2007-03-14 3770024] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-02 29744] "IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-10-08 995328] "IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-10-08 1101824] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-12-03 282624] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-09-28 185872] "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-01-19 221184] "LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-01-19 458752] "LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-01-19 217088] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-11-05 73728] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2004-12-22 45056] Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588] Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-8-7 113664] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "wave1"=hdspmme.dll "wave3"=hdspmme.dll "Midi1"=hdspmme.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] @="" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\MSMSGS.EXE"= "c:\\Program Files\\FlashFXP\\flashfxp.exe"= "c:\\Program Files\\ASUS\\ASUS Live Update\\LiveUpdt.exe"= "c:\\Program Files\\WengoPhone\\qtwengophone.exe"= "c:\\Program Files\\Resolume-2-2\\resolume.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\MSN Messenger\\livecall.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:\\Documents and Settings\\CEDRIC\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"= "c:\\Documents and Settings\\CEDRIC\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R0 R592;R592;c:\windows\system32\drivers\R592.sys [15/10/2004 03:34 57088] R0 risdpntk;risdpntk;c:\windows\system32\drivers\risdpntk.sys [15/10/2004 03:34 27264] R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [21/07/2005 17:27 33792] S2 gupdate1c985d81c5efe6c;Google Update Service (gupdate1c985d81c5efe6c);c:\program files\Google\Update\GoogleUpdate.exe [03/02/2009 09:19 133104] S3 Asushwio;Asushwio;c:\windows\system32\drivers\ASUSHWIO.SYS [22/07/2005 04:00 5824] S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [28/09/2005 16:52 223232] S3 cxwibu;Team H2O WIBU Driver;c:\program files\WIBUKEY\H2O\cxwibu.sys [26/07/2006 13:11 7040] S3 EchoIndigoIO;Echo Indigo io Service;c:\windows\system32\drivers\echondgo.sys [25/08/2003 10:33 124160] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [14/03/2007 22:07 29744] S3 hdsp;RME Hammerfall Audio Device;c:\windows\system32\DRIVERS\hdsp.sys --> c:\windows\system32\DRIVERS\hdsp.sys [?] S3 LMASFltr;LMASFltr;c:\windows\system32\drivers\LMASFltr.sys --> c:\windows\system32\drivers\LMASFltr.sys [?] S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys --> c:\windows\system32\drivers\massfilter.sys [?] S3 MMAUSB;M-Audio USB ASIO Driver;c:\windows\system32\Drivers\MMAUSB.SYS --> c:\windows\system32\Drivers\MMAUSB.SYS [?] S3 phil2vid;Appareil photo VGA USB Philips PCVC690;c:\windows\system32\drivers\philcam2.sys [06/04/2007 14:31 173696] S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [26/03/2008 17:36 356920] --- Autres Services/Pilotes en mémoire --- *Deregistered* - mchInjDrv [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}] rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub . Contenu du dossier 'Tâches planifiées' 2009-06-18 c:\windows\Tasks\WGASetup.job - c:\windows\system32\KB905474\wgasetup.exe [2009-04-13 20:18] 2009-06-12 c:\windows\Tasks\Norton Security Scan for cedric.job - c:\program files\Norton Security Scan\Nss.exe [2008-09-19 18:20] 2009-06-18 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-03-14 07:41] 2009-06-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1043688568-3843691352-3439686833-1004.job - c:\documents and settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-12 13:03] 2009-06-18 c:\windows\Tasks\GoogleUpdateTaskMachine.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 07:18] . - - - - ORPHELINS SUPPRIMES - - - - BHO-{158996E7-8E06-4119-8935-849CF71B46F9} - (no file) BHO-{363AE83D-6ECF-1E57-8F6E-032C8E9056F8} - (no file) BHO-{4C1FD760-D260-117C-2C4B-08A8CF2CF25E} - (no file) BHO-{FB3BDDEF-DCA7-42E7-AB80-B7A783938E26} - (no file) HKLM-Run-PinnacleDriverCheck - c:\windows\system32\PSDrvCheck.exe HKLM-Run-!AVG Anti-Spyware - c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe HKLM-Run-AVG8_TRAY - c:\progra~1\AVG\AVG8\avgtray.exe Notify-avgrsstarter - (no file) Notify-IntelWireless - (no file) SafeBoot-AVG Anti-Spyware Driver SafeBoot-AVG Anti-Spyware Guard . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.com/webhp?sourceid=navclient&hl=fr&ie=UTF-8 uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms} uInternet Connection Wizard,ShellNext = hxxp://www.asus.com/ uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: {{F6E600B5-48EA-421A-AF6A-61948BB737F3} - {F6E600B5-48EA-421A-AF6A-61948BB737F3} - . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-06-18 14:27 Windows 5.1.2600 Service Pack 2 FAT NTAPI Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mchInjDrv] "ImagePath"="\??\c:\docume~1\cedric\LOCALS~1\Temp\mc23.tmp" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-1043688568-3843691352-3439686833-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{46567A77-EE7A-F2D5-E703-6430F685D206}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "iaffpanemapbgjldoe"=hex:6a,61,62,6f,6d,63,68,62,6f,64,6e,65,65,61,69,6e,62,63, 69,64,00,00 "hapgfcianpoclbcj"=hex:6a,61,62,6f,6d,63,68,62,6f,64,6e,65,65,61,69,6e,62,63, 69,64,00,48 [HKEY_USERS\S-1-5-21-1043688568-3843691352-3439686833-1004\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync] "Name"="ActiveSync" "DisplayName"="Microsoft ActiveSync" "Param1"="ActiveSync" "Type"="wellknown" "Order"=dword:00000001 "State"=dword:0000000b [HKEY_USERS\S-1-5-21-1043688568-3843691352-3439686833-1004\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings] "Name"="IESettings" "Type"="IESettings" "Order"=dword:00000004 "State"=dword:00000003 [HKEY_USERS\S-1-5-21-1043688568-3843691352-3439686833-1004\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles] "Name"="MediaFiles" "Type"="MediaFiles" "Order"=dword:00000003 "State"=dword:00000003 [HKEY_USERS\S-1-5-21-1043688568-3843691352-3439686833-1004\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\NPW] "Name"="NPW" "Param1"="NPW" "Type"="wellknown" "Order"=dword:00000002 "State"=dword:00000007 [HKEY_USERS\S-1-5-21-1043688568-3843691352-3439686833-1004\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook] "Name"="Outlook" "DisplayName"="Microsoft Outlook" "Param1"="Outlook" "Type"="wellknown" "Order"=dword:00000000 "State"=dword:00000013 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "cd042efbbd7f7af1647644e76e06692b"=hex:2e,e8,e1,00,eb,16,2b,de,67,51,60,c2,65, fd,0c,98,c8,28,51,af,b0,29,a3,98,7c,dd,c8,bc,e5,e3,97,c1,e2,63,26,f1,3f,c8,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,1d,20,7a,19,b4, 4d,de,f3,71,3b,04,66,8b,46,0d,96,4d,95,ff,7d,76,84,20,9b,6a,9c,d6,61,af,45,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "2c81e34222e8052573023a60d06dd016"=hex:ff,7c,85,e0,43,d4,0e,fe,5a,8d,41,9b,7a, 73,f6,17,25,da,ec,7e,55,20,c9,26,1c,ff,ec,83,08,96,d3,f0,ff,7c,85,e0,43,d4,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "2582ae41fb52324423be06337561aa48"=hex:6b,65,49,6a,7e,99,74,f7,bd,ba,4e,46,6e, 6d,1f,01,3e,1e,9e,e0,57,5a,93,61,9f,f6,c5,0b,98,a7,ce,8f,86,8c,21,01,be,91,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "caaeda5fd7a9ed7697d9686d4b818472"=hex:e9,02,6c,fa,fb,1d,47,57,5c,69,6e,bf,36, c0,43,08,cd,44,cd,b9,a6,33,6c,cd,55,c3,60,c3,e7,48,93,5d,f5,1d,4d,73,a8,13,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,0e,e1,ed,53,b5, 67,73,20,b0,18,ed,a7,3f,8d,37,a4,a3,4a,ef,c7,19,21,9c,7f,df,20,58,62,78,6b,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,c1,00,66,56,84, eb,62,22,31,77,e1,ba,b1,f8,68,02,14,ca,00,2b,fd,da,ff,9f,fb,a7,78,e6,12,2f,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,9b,e8,1f,2a,cf, 5c,7f,5b,83,6c,56,8b,a0,85,96,ab,86,05,68,41,c3,53,ee,a5,01,3a,48,fc,e8,04,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,2c,44,c0,80,17, f5,c3,d9,51,fa,6e,91,28,9e,14,cc,7d,e8,a3,78,1a,01,ba,20,f6,0f,4e,58,98,5b,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,db,f4,4a,6a,f5, 7f,93,2f,b1,cd,45,5a,a8,c4,f8,b9,57,8d,11,94,3a,3c,16,1a,3d,ce,ea,26,2d,45,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:2a,b7,cc,b5,b9,7f,41,e7,f0,0f,4e,47,cb, 4b,ad,d9,e3,0e,66,d5,eb,bc,2f,6b,98,45,79,55,27,1f,82,de,2a,b7,cc,b5,b9,7f,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,43,3d,98,c1,1b, 1b,6e,aa,fa,ea,66,7f,d4,3b,6b,70,98,24,64,4a,c8,c6,ca,9b,6c,43,2d,1e,aa,22,\ . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1036) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(5992) c:\program files\SuperCopier2\SC2Hook.dll c:\windows\system32\netprovcredman.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\SYSTEM32\ATI2EVXX.EXE c:\program files\INTEL\WIRELESS\BIN\S24EVMON.EXE c:\windows\SYSTEM32\ATI2EVXX.EXE c:\program files\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\SCHED.EXE c:\program files\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGUARD.EXE c:\windows\SYSTEM32\AVIDSDMSERVICE.EXE c:\program files\INTEL\WIRELESS\BIN\EVTENG.EXE c:\program files\JAVA\JRE6\BIN\JQS.EXE c:\program files\INTEL\WIRELESS\BIN\REGSRVC.EXE c:\progra~1\MICROS~4\rapimgr.exe c:\windows\SYSTEM32\TCPSVCS.EXE c:\windows\SYSTEM32\WDFMGR.EXE c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe c:\windows\ATK0100\ATKOSD.EXE c:\program files\Logitech\Video\FxSvr2.exe c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe c:\program files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe c:\windows\system32\wbem\wmiapsrv.exe c:\program files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe c:\program files\Intel\Wireless\Bin\Dot1XCfg.exe . ************************************************************************** . Heure de fin: 2009-06-18 14:33 - La machine a redémarré ComboFix-quarantined-files.txt 2009-06-18 12:33 Avant-CF: 5 832 212 480 octets libres Après-CF: 4 739 235 840 octets libres 402 --- E O F --- 2009-06-10 22:01
  6. realisateur
    Bjr, Voici le rapport Combofix : ComboFix 09-06-16.05 - cedric 18/06/2009 8:59:28.2 - FAT32x86 MINIMAL Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1023.808 [GMT 2:00] Lancé depuis: C:\Documents and Settings\cedric\Bureau\Combo-Fix.exe Commutateurs utilisés :: C:\Documents and Settings\cedric\Bureau\CFScript.txt AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FILE :: "C:\DOCUME~1\cedric\LOCALS~1\Temp\mc23.tmp" "C:\DOCUME~1\cedric\LOCALS~1\Temp\winCB.tmp.exe" "C:\windows\freddy46.exe" "C:\windows\ld09.exe" "C:\windows\mstre19.exe" "C:\WINDOWS\System32\drivers\e6a43b0b.sys" "C:\WINDOWS\system32\drivers\glaide32.sys" "C:\WINDOWS\system32\gytfkmdb.dll" "C:\WINDOWS\TEMP\win111B.tmp.exe" "C:\WINDOWS\TEMP\win165.tmp.exe" "C:\WINDOWS\TEMP\win18.tmp.exe" "C:\WINDOWS\TEMP\winF2A.tmp.exe" "C:\WINDOWS\TEMP\winF2C.tmp.exe" . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\cedric\Application Data\wiaserva.log C:\windows\mstre19.exe C:\WINDOWS\System32\drivers\e6a43b0b.sys C:\WINDOWS\system32\drivers\glaide32.sys C:\WINDOWS\zaponce52597.dat C:\WINDOWS\zaponce52621.dat C:\WINDOWS\zaponce52689.dat C:\WINDOWS\system32\drivers\null.sys était absent Copie restaurée à partir de - C:\WINDOWS\system32\dllcache\null.sys . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_driver -------\Legacy_MCHINJDRV -------\Legacy_TMCOMM -------\Service_driver -------\Service_glaide32 -------\Service_tmcomm -------\Service_e6a43b0b ((((((((((((((((((((((((((((( Fichiers créés du 2009-05-18 au 2009-06-18 )))))))))))))))))))))))))))))))))))) . 2009-06-18 07:05:02 . 2004-08-05 12:00:00 2944 ----a-w- C:\WINDOWS\system32\drivers\null.sys 2009-06-18 06:42:22 . 2009-06-18 06:42:24 0 d-----w- C:\Documents and Settings\cedric\Application Data\Malwarebytes 2009-06-18 06:42:18 . 2009-06-17 09:27:56 38160 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2009-06-18 06:42:16 . 2009-06-18 06:42:18 0 d-----w- C:\Program Files\Malwarebytes' Anti-Malware 2009-06-18 06:42:16 . 2009-06-18 06:42:18 0 d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-06-18 06:42:16 . 2009-06-17 09:27:44 19096 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys 2009-06-17 22:49:04 . 2008-05-09 10:15:48 45376 ----a-w- C:\WINDOWS\system32\drivers\avgntdd.sys 2009-06-17 22:49:04 . 2008-01-21 15:11:30 22336 ----a-w- C:\WINDOWS\system32\drivers\avgntmgr.sys 2009-06-17 22:49:02 . 2009-06-17 23:20:42 75096 ----a-w- C:\WINDOWS\system32\drivers\avipbb.sys 2009-06-17 22:49:01 . 2009-06-17 22:49:02 0 d-----w- C:\Program Files\Avira 2009-06-17 22:49:01 . 2009-06-17 22:49:02 0 d-----w- C:\Documents and Settings\All Users\Application Data\Avira 2009-06-17 11:05:49 . 2009-06-17 11:05:50 0 ----a-w- C:\WINDOWS\system32\drivers\75bb293c.sys 2009-06-17 09:18:11 . 2009-06-17 09:18:12 0 d-----w- C:\Program Files\trend micro 2009-06-17 09:18:10 . 2009-06-17 09:18:12 0 d-----w- C:\rsit 2009-06-17 08:41:30 . 2009-06-17 08:41:32 1 ---h--w- C:\WINDOWS\jmmark2.dat 2009-06-17 08:41:30 . 2009-06-17 08:41:32 0 d-----w- C:\Program Files\driver 2009-06-17 08:41:27 . 2009-06-17 08:41:28 1 ---h--w- C:\WINDOWS\bf23567.dat 2009-06-17 08:37:54 . 2009-06-17 08:37:54 0 d-sh--w- C:\FOUND.046 2009-06-15 15:19:17 . 2009-06-15 15:19:18 0 d-----w- C:\Documents and Settings\cedric\Application Data\AVS4YOU 2009-06-15 15:19:10 . 2009-06-15 15:19:12 0 d-----w- C:\Documents and Settings\All Users\Application Data\AVS4YOU 2009-06-15 15:13:59 . 2009-06-15 15:14:00 0 d-----w- C:\Program Files\Fichiers communs\AVSMedia 2009-06-15 15:13:59 . 2009-06-15 15:14:00 0 d-----w- C:\Program Files\AVS4YOU 2009-06-10 11:15:56 . 2009-06-10 11:15:56 0 d-sh--w- C:\FOUND.045 2009-06-08 09:13:18 . 2009-06-08 09:13:18 0 d-sh--w- C:\FOUND.044 2009-05-29 07:13:49 . 2009-05-29 07:13:46 410984 ----a-w- C:\WINDOWS\system32\deploytk.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-29 07:13:24 . 2009-04-13 15:09:09 152576 ----a-w- C:\Documents and Settings\cedric\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-05-11 19:51:14 . 2004-09-20 16:47:06 77906 ----a-w- C:\WINDOWS\system32\perfc00C.dat 2009-05-11 19:51:14 . 2004-09-20 16:47:06 474520 ----a-w- C:\WINDOWS\system32\perfh00C.dat 2009-05-07 15:43:40 . 2004-09-20 16:46:38 347136 ----a-w- C:\WINDOWS\system32\localspl.dll 2009-05-04 16:20:46 . 2009-05-04 16:20:44 0 d-----w- C:\Program Files\Fichiers communs\Symantec Shared 2009-05-04 16:20:44 . 2009-05-04 16:20:42 0 d-----w- C:\Program Files\Norton Security Scan 2009-05-01 08:15:56 . 2007-11-23 08:42:22 204643 ----a-w- C:\WINDOWS\E220AutoRunLog.tmp 2009-04-29 04:52:34 . 2004-09-20 16:46:59 663552 ----a-w- C:\WINDOWS\system32\wininet.dll 2009-04-29 04:52:32 . 2009-03-31 21:41:47 81920 ----a-w- C:\WINDOWS\system32\ieencode.dll 2009-04-22 09:06:04 . 2009-04-22 09:06:02 0 d-----w- C:\Documents and Settings\cedric\Application Data\avidemux 2009-04-22 09:05:46 . 2009-04-22 09:05:45 0 d-----w- C:\Program Files\Avidemux 2.4 2009-04-19 20:09:40 . 2004-09-20 16:46:59 1846784 ----a-w- C:\WINDOWS\system32\win32k.sys 2009-04-15 15:17:18 . 2004-09-20 16:46:50 584192 ----a-w- C:\WINDOWS\system32\rpcrt4.dll 2009-03-24 16:33:58 . 2009-03-24 16:33:58 237264 ----a-w- C:\Documents and Settings\cedric\Application Data\Mozilla\plugins\npgoogletalk.dll 2008-08-02 11:51:58 . 2008-08-02 11:29:32 122880 ----a-w- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll 2006-05-03 09:06:54 . 2007-03-12 20:38:03 163328 --sh--r- C:\WINDOWS\system32\flvDX.dll 2007-02-21 10:47:16 . 2009-03-27 10:06:04 31232 --sh--r- C:\WINDOWS\system32\msfDX.dll 2008-03-16 12:30:52 . 2009-03-27 10:06:04 216064 --sh--r- C:\WINDOWS\system32\nbDX.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 10:55:02 5674352] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-13 06:49:02 68856] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-12 18:10:40 21898024] "SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [2006-07-07 16:45:00 1052672] "WengoPhoneNG"="C:\Program Files\WengoPhone\qtwengophone.exe" [2006-12-11 09:43:14 6254592] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-02 11:51:58 29744] "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 12:07:02 1289000] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 12:00:00 15360] "Google Update"="C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-11-12 13:03:24 133104] "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-04-08 10:38:14 251240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2005-04-12 05:17:08 102400] "ASUS Live Update"="C:\Program Files\ASUS\ASUS Live Update\ALU.exe" [2003-09-19 10:54:44 172032] "Wireless Console"="C:\Program Files\ASUS\Wireless Console\wcourier.exe" [2005-03-02 19:52:08 57344] "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-12-21 23:23:00 98394] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-12-21 23:23:00 688218] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-02-12 19:05:00 339968] "Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2004-09-21 14:55:40 81920] "H2O"="C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [2005-05-11 00:46:02 200069] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 18:24:46 32768] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50:42 155648] "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-05-29 07:14:30 148888] "TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [2007-03-14 14:52:50 3770024] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-02 11:51:58 29744] "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-10-08 12:18:04 995328] "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-10-08 12:13:36 1101824] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-03 19:31:04 282624] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-09-28 18:31:40 185872] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-01-19 09:05:48 221184] "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-01-19 09:45:36 458752] "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-19 09:39:16 217088] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 20:16:38 39792] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 11:28:42 266497] "SoundMan"="SOUNDMAN.EXE" - C:\WINDOWS\SOUNDMAN.EXE [2004-11-05 07:03:00 73728] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 12:00:00 15360] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2004-12-22 45056] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588] Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-8-7 113664] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "wave1"=hdspmme.dll "wave3"=hdspmme.dll "Midi1"=hdspmme.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] @="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "SoundService"=rundll32.exe "C:\WINDOWS\system32\gytfkmdb.dll",setvm "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Messenger\\MSMSGS.EXE"= "C:\\Program Files\\FlashFXP\\flashfxp.exe"= "C:\\Program Files\\ASUS\\ASUS Live Update\\LiveUpdt.exe"= "C:\\Program Files\\WengoPhone\\qtwengophone.exe"= "C:\\Program Files\\Resolume-2-2\\resolume.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "C:\\Documents and Settings\\CEDRIC\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"= "C:\\Documents and Settings\\CEDRIC\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "8085:TCP"= 8085:TCP:driver R0 R592;R592;C:\WINDOWS\system32\drivers\R592.sys [15/10/2004 03:34:00 57088] R0 risdpntk;risdpntk;C:\WINDOWS\system32\drivers\risdpntk.sys [15/10/2004 03:34:00 27264] R3 CLEDX;Team H2O CLEDX service;C:\WINDOWS\system32\drivers\cledx.sys [21/07/2005 17:27:31 33792] S1 driverdrv;driverdrv;\??\C:\Program Files\driver\driver.sys --> C:\Program Files\driver\driver.sys [?] S1 PDIDRV;PDIDRV; [x] S2 gupdate1c985d81c5efe6c;Google Update Service (gupdate1c985d81c5efe6c);C:\Program Files\Google\Update\GoogleUpdate.exe [03/02/2009 09:19:02 133104] S3 Asushwio;Asushwio;C:\WINDOWS\system32\drivers\ASUSHWIO.SYS [22/07/2005 04:00:37 5824] S3 camvid20;Philips ToUcam Camera; Video;C:\WINDOWS\system32\drivers\camdrv21.sys [28/09/2005 16:52:03 223232] S3 cxwibu;Team H2O WIBU Driver;C:\Program Files\WIBUKEY\H2O\cxwibu.sys [26/07/2006 13:11:57 7040] S3 EchoIndigoIO;Echo Indigo io Service;C:\WINDOWS\system32\drivers\echondgo.sys [25/08/2003 10:33:24 124160] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [14/03/2007 22:07:54 29744] S3 hdsp;RME Hammerfall Audio Device;C:\WINDOWS\system32\DRIVERS\hdsp.sys --> C:\WINDOWS\system32\DRIVERS\hdsp.sys [?] S3 LMASFltr;LMASFltr;C:\WINDOWS\system32\drivers\LMASFltr.sys --> C:\WINDOWS\system32\drivers\LMASFltr.sys [?] S3 massfilter;ZTE Mass Storage Filter Driver;C:\WINDOWS\system32\drivers\massfilter.sys --> C:\WINDOWS\system32\drivers\massfilter.sys [?] S3 MMAUSB;M-Audio USB ASIO Driver;C:\WINDOWS\system32\Drivers\MMAUSB.SYS --> C:\WINDOWS\system32\Drivers\MMAUSB.SYS [?] S3 phil2vid;Appareil photo VGA USB Philips PCVC690;C:\WINDOWS\system32\drivers\philcam2.sys [06/04/2007 14:31:31 173696] S3 sdAuxService;PC Tools Auxiliary Service;C:\Program Files\Spyware Doctor\pctsAuxs.exe [26/03/2008 17:36:10 356920] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] driver REG_MULTI_SZ driver [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}] rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub . Contenu du dossier 'Tâches planifiées' 2009-06-18 C:\WINDOWS\Tasks\WGASetup.job - C:\WINDOWS\system32\KB905474\wgasetup.exe [2009-04-13 23:54:44 . 2009-03-10 20:18:10] 2009-06-12 C:\WINDOWS\Tasks\Norton Security Scan for cedric.job - C:\Program Files\Norton Security Scan\Nss.exe [2008-09-19 02:18:06 . 2009-03-11 18:20:08] 2009-06-18 C:\WINDOWS\Tasks\Google Software Updater.job - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-03-14 20:09:31 . 2009-03-24 07:41:38] 2009-06-18 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1043688568-3843691352-3439686833-1004.job - C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-12 13:03:22 . 2008-11-12 13:03:24] 2009-06-18 C:\WINDOWS\Tasks\GoogleUpdateTaskMachine.job - C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-03 07:19:02 . 2009-02-03 07:18:40] . - - - - ORPHELINS SUPPRIMES - - - - BHO-{158996E7-8E06-4119-8935-849CF71B46F9} - (no file) BHO-{363AE83D-6ECF-1E57-8F6E-032C8E9056F8} - (no file) BHO-{4C1FD760-D260-117C-2C4B-08A8CF2CF25E} - (no file) BHO-{FB3BDDEF-DCA7-42E7-AB80-B7A783938E26} - (no file) HKLM-Run-PinnacleDriverCheck - C:\WINDOWS\system32\PSDrvCheck.exe HKLM-Run-!AVG Anti-Spyware - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe HKLM-Run-AVG8_TRAY - C:\PROGRA~1\AVG\AVG8\avgtray.exe Notify-avgrsstarter - (no file) Notify-IntelWireless - (no file) SafeBoot-AVG Anti-Spyware Driver SafeBoot-AVG Anti-Spyware Guard . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.com/webhp?sourceid=navclient&hl=fr&ie=UTF-8 uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms} uInternet Connection Wizard,ShellNext = hxxp://www.asus.com/ uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: {{F6E600B5-48EA-421A-AF6A-61948BB737F3} - {F6E600B5-48EA-421A-AF6A-61948BB737F3} - . Et voici le rapport MBAM : Merci Malwarebytes' Anti-Malware 1.38 Version de la base de données: 2302 Windows 5.1.2600 Service Pack 2 18/06/2009 10:33:40 mbam-log-2009-06-18 (10-33-40).txt Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|) Eléments examinés: 206501 Temps écoulé: 1 hour(s), 12 minute(s), 18 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 2 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\driverdrv (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\driver (Trojan.Downloader) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\8085:tcp (Malware.Trace) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\bf23567.dat (Worm.KoobFace) -> Quarantined and deleted successfully. C:\Program Files\driver\driver.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
  7. realisateur
    Et voici le rapport RSIT J'espère que ça te parle car moi j'y comprends rien ! Logfile of random's system information tool 1.06 (written by random/random) Run by cedric at 2009-06-18 02:32:18 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 5 GB (10%) free of 45 GB Total RAM: 1023 MB (38% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 02:32:28, on 18/06/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\AvidSDMService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\ATK0100\HControl.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\ASUS\Wireless Console\wcourier.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ATK0100\ATKOSD.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\PROGRA~1\MICROS~4\rapimgr.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\windows\mstre19.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\cedric\Bureau\RSIT.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\trend micro\cedric.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {158996E7-8E06-4119-8935-849CF71B46F9} - (no file) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {363AE83D-6ECF-1E57-8F6E-032C8E9056F8} - (no file) O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: (no name) - {4C1FD760-D260-117C-2C4B-08A8CF2CF25E} - (no file) O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O2 - BHO: (no name) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - (no file) O2 - BHO: (no name) - {FB3BDDEF-DCA7-42E7-AB80-B7A783938E26} - (no file) O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1 O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [sysldtray] C:\windows\ld09.exe O4 - HKLM\..\Run: [sysfbtray] C:\windows\freddy46.exe O4 - HKLM\..\Run: [sysmstray] C:\windows\mstre19.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WengoPhoneNG] C:\Program Files\WengoPhone\qtwengophone.exe -b O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Video URL Extractor - {F6E600B5-48EA-421A-AF6A-61948BB737F3} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Video URL Extractor... - {F6E600B5-48EA-421A-AF6A-61948BB737F3} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} - O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.ipernity.com/E/Applets/Uploader...oader4.cab?v4.7 O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\ O20 - Winlogon Notify: jkkkkki - C:\WINDOWS\ O20 - Winlogon Notify: vturr - C:\WINDOWS\ O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (antivirscheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (antivirservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\WINDOWS\system32\AvidSDMService.exe O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINDOWS\system32\AvidStartup.exe O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\ O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate1c985d81c5efe6c) (gupdate1c985d81c5efe6c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\ -- End of file - 15678 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\WGASetup.job C:\WINDOWS\tasks\Norton Security Scan for cedric.job C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1043688568-3843691352-3439686833-1004.job C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{158996E7-8E06-4119-8935-849CF71B46F9}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-09-28 308832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{363AE83D-6ECF-1E57-8F6E-032C8E9056F8}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4C1FD760-D260-117C-2C4B-08A8CF2CF25E}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}] Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2007-07-31 1933256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-03 259696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}] IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2007-08-16 110592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-29 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}] FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2005-05-04 191096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB3BDDEF-DCA7-42E7-AB80-B7A783938E26}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2007-07-31 1933256] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-03 259696] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-04-12 102400] "ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2003-09-19 172032] "Wireless Console"=C:\Program Files\ASUS\Wireless Console\wcourier.exe [2005-03-02 57344] "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-12-22 98394] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-12-22 688218] "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-02-12 339968] "Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2004-09-21 81920] "H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-05-11 200069] "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-29 148888] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-11-05 73728] "PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg [] "TomTomHOME.exe"=C:\Program Files\TomTom HOME\TomTomHOME.exe [2007-03-14 3770024] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-02 29744] "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-10-08 995328] "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-10-08 1101824] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-12-03 282624] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-09-28 185872] "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-01-19 221184] "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-01-19 458752] "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-19 217088] "!AVG Anti-Spyware"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe /minimized [] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [] "sysldtray"=C:\windows\ld09.exe [] "sysfbtray"=C:\windows\freddy46.exe [] "sysmstray"=C:\windows\mstre19.exe [2009-06-17 31744] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-13 68856] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-02-12 21898024] "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "WengoPhoneNG"=C:\Program Files\WengoPhone\qtwengophone.exe [2006-12-11 6254592] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-02 29744] "H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360] "Google Update"=C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-12 133104] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-08 251240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrintDrive] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Soec] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] C:\WINDOWS\SOUNDMAN.EXE [2004-11-05 73728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundService] C:\WINDOWS\system32\gytfkmdb.dll,setvm [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VaCtrls] v7 [] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-02-12 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkkkki] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vturr] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-05 240128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger" "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe"="C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe:*:Enabled:Dreamweaver MX 2004" "C:\Program Files\FlashFXP\flashfxp.exe"="C:\Program Files\FlashFXP\flashfxp.exe:*:Enabled:FlashFXP v3" "C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe"="C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe:*:Enabled:Lecteur CANALPLAY" "C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe"="C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe:*:Enabled:Lecteur CANALPLAY Helper" "C:\Program Files\FTP Commander\Ftpcomm.exe"="C:\Program Files\FTP Commander\Ftpcomm.exe:*:Enabled:Ftpcomm" "C:\Program Files\ASUS\ASUS Live Update\LiveUpdt.exe"="C:\Program Files\ASUS\ASUS Live Update\LiveUpdt.exe:*:Enabled:LiveUpdt" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\DOCUME~1\cedric\LOCALS~1\Temp\winCB.tmp.exe"="C:\DOCUME~1\cedric\LOCALS~1\Temp\winCB.tmp.exe:*:Enabled:winCB.tmp" "C:\WINDOWS\TEMP\win18.tmp.exe"="C:\WINDOWS\TEMP\win18.tmp.exe:*:Enabled:win18.tmp" "C:\WINDOWS\TEMP\win165.tmp.exe"="C:\WINDOWS\TEMP\win165.tmp.exe:*:Enabled:win165.tmp" "C:\Program Files\WengoPhone\qtwengophone.exe"="C:\Program Files\WengoPhone\qtwengophone.exe:*:Enabled:WengoPhone" "C:\WINDOWS\TEMP\winF2A.tmp.exe"="C:\WINDOWS\TEMP\winF2A.tmp.exe:*:Enabled:winF2A.tmp" "C:\Program Files\Pinnacle\MediaCenter\Pmc.exe"="C:\Program Files\Pinnacle\MediaCenter\Pmc.exe:LocalSubNet:Enabled:Pmc.exe" "C:\Program Files\Pinnacle\MediaCenter\PSST.exe"="C:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Enabled:PSST.exe" "C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe"="C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe" "C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe"="C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe:LocalSubNet:Enabled:PMC.Tvtv.Wizard.exe" "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService" "C:\WINDOWS\TEMP\winF2C.tmp.exe"="C:\WINDOWS\TEMP\winF2C.tmp.exe:*:Enabled:winF2C.tmp" "C:\WINDOWS\TEMP\win111B.tmp.exe"="C:\WINDOWS\TEMP\win111B.tmp.exe:*:Enabled:win111B.tmp" "C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI" "C:\Program Files\Resolume-2-2\resolume.exe"="C:\Program Files\Resolume-2-2\resolume.exe:*:Enabled:Resolume 2.2" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\Program Files\RayV\RayV\RayV.exe"="C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV" "C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin" "C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. The whole world can talk for free." [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\FlashFXP\flashfxp.exe"="C:\Program Files\FlashFXP\flashfxp.exe:*:Enabled:FlashFXP v3" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" ======File associations====== .js - open - ======List of files/folders created in the last 1 months====== 2009-06-18 00:49:01 ----D---- C:\Program Files\Avira 2009-06-18 00:49:01 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-06-18 00:47:58 ----SHD---- C:\Recycled 2009-06-17 13:16:19 ----H---- C:\WINDOWS\mstre19.exe 2009-06-17 12:57:20 ----A---- C:\Boot.bak 2009-06-17 12:57:16 ----RASHD---- C:\cmdcons 2009-06-17 12:56:01 ----A---- C:\WINDOWS\zip.exe 2009-06-17 12:56:01 ----A---- C:\WINDOWS\SWXCACLS.exe 2009-06-17 12:56:01 ----A---- C:\WINDOWS\SWSC.exe 2009-06-17 12:56:01 ----A---- C:\WINDOWS\SWREG.exe 2009-06-17 12:56:01 ----A---- C:\WINDOWS\sed.exe 2009-06-17 12:56:01 ----A---- C:\WINDOWS\PEV.exe 2009-06-17 12:56:01 ----A---- C:\WINDOWS\NIRCMD.exe 2009-06-17 12:56:01 ----A---- C:\WINDOWS\grep.exe 2009-06-17 12:54:19 ----D---- C:\WINDOWS\ERDNT 2009-06-17 12:54:17 ----SD---- C:\Combo-Fix 2009-06-17 12:54:17 ----A---- C:\WINDOWS\system32\CF6519.exe 2009-06-17 11:18:11 ----D---- C:\Program Files\trend micro 2009-06-17 11:18:10 ----D---- C:\rsit 2009-06-17 10:41:30 ----D---- C:\Program Files\driver 2009-06-17 10:41:30 ----A---- C:\ARK17.tmp 2009-06-17 10:37:54 ----SHD---- C:\FOUND.046 2009-06-15 17:19:17 ----D---- C:\Documents and Settings\cedric\Application Data\AVS4YOU 2009-06-15 17:19:10 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU 2009-06-15 17:13:59 ----D---- C:\Program Files\Fichiers communs\AVSMedia 2009-06-15 17:13:59 ----D---- C:\Program Files\AVS4YOU 2009-06-11 00:01:03 ----HD---- C:\WINDOWS\$NtUninstallKB961501$ 2009-06-11 00:00:46 ----HD---- C:\WINDOWS\$NtUninstallKB969897$ 2009-06-11 00:00:38 ----HD---- C:\WINDOWS\$NtUninstallKB969898$ 2009-06-10 23:59:04 ----HD---- C:\WINDOWS\$NtUninstallKB970238$ 2009-06-10 23:59:00 ----A---- C:\WINDOWS\imsins.BAK 2009-06-10 23:58:55 ----HD---- C:\WINDOWS\$NtUninstallKB968537$ 2009-06-10 13:15:56 ----SHD---- C:\FOUND.045 2009-06-08 11:13:18 ----SHD---- C:\FOUND.044 2009-05-29 09:13:49 ----A---- C:\WINDOWS\system32\deploytk.dll ======List of files/folders modified in the last 1 months====== 2009-06-18 01:21:50 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-06-17 13:05:04 ----A---- C:\WINDOWS\system.ini 2009-06-17 12:57:22 ----RASH---- C:\boot.ini 2009-06-16 13:18:50 ----A---- C:\WINDOWS\lexstat.ini 2009-06-15 12:11:38 ----A---- C:\WINDOWS\NeroDigital.ini 2009-06-01 18:51:12 ----A---- C:\WINDOWS\system32\MRT.exe 2009-05-29 09:13:46 ----A---- C:\WINDOWS\system32\javaws.exe 2009-05-29 09:13:46 ----A---- C:\WINDOWS\system32\javaw.exe 2009-05-29 09:13:46 ----A---- C:\WINDOWS\system32\java.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2001-02-01 25244] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-06-18 75096] R1 driverdrv;driverdrv; \??\C:\Program Files\driver\driver.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248] R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2004-10-05 62799] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-11-16 21361] R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [] R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-09-02 13059] R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-08-27 12288] R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2004-09-10 84064] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-05 2284864] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-02-12 986624] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792] R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-09-02 1041536] R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-09-02 200064] R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2005-01-09 46592] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-12-22 186240] R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-01-08 51582] R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-01-17 98304] R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-09 36531] R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2004-11-16 50048] R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612] R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-22 34816] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 w29n51;Pilote de carte de connexion réseau Intel® PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2007-07-25 2210048] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-09-02 685056] R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2004-06-01 142464] S1 e6a43b0b;e6a43b0b; C:\WINDOWS\System32\drivers\e6a43b0b.sys [] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848] S1 PDIDRV;PDIDRV; C:\WINDOWS\system32\drivers\PDIDRV.sys [] S2 Nsynas32;Nsynas32; C:\WINDOWS\system32\drivers\Nsynas32.sys [2001-04-09 17784] S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128] S3 Asushwio;Asushwio; \??\C:\WINDOWS\system32\drivers\Asushwio.sys [] S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912] S3 AVCSTRM;AVC Streaming Filter Driver; C:\WINDOWS\system32\DRIVERS\avcstrm.sys [2004-08-03 13696] S3 camvid20;Philips ToUcam Camera; Video; C:\WINDOWS\system32\DRIVERS\camdrv21.sys [2001-08-17 223232] S3 catchme;catchme; \??\C:\DOCUME~1\cedric\LOCALS~1\Temp\catchme.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 CO_Mon;CO_Mon; \??\C:\WINDOWS\system32\Drivers\CO_Mon.sys [] S3 cxwibu;Team H2O WIBU Driver; \??\C:\Program Files\WIBUKEY\H2O\cxwibu.sys [] S3 EchoIndigoIO;Echo Indigo io Service; C:\WINDOWS\system32\drivers\echondgo.sys [2003-08-25 124160] S3 hdsp;RME Hammerfall Audio Device; C:\WINDOWS\system32\DRIVERS\hdsp.sys [] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-04-20 100992] S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2009-01-13 40840] S3 IKSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2009-01-13 66952] S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2009-01-13 81288] S3 LMASFltr;LMASFltr; C:\WINDOWS\system32\drivers\LMASFltr.sys [] S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-04-01 22016] S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [] S3 MMAUSB;M-Audio USB ASIO Driver; C:\WINDOWS\System32\Drivers\MMAUSB.SYS [] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360] S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328] S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016] S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\WINDOWS\system32\DRIVERS\mstape.sys [2004-08-03 49024] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-05 40320] S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-04-01 7072] S3 phil2vid;Appareil photo VGA USB Philips PCVC690; C:\WINDOWS\system32\DRIVERS\philcam2.sys [2001-08-17 173696] S3 PID_08A0;Labtec WebCam(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-04-01 913280] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2002-10-17 2851] S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2004-12-16 50048] S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800] S3 USB28xxBGA;Pinnacle PCTV DVB-T USB Stick; C:\WINDOWS\system32\DRIVERS\emBDA.sys [2005-11-22 209408] S3 USB28xxOEM;USB 28xx OEM Filter; C:\WINDOWS\system32\DRIVERS\emOEM.sys [2005-11-22 17792] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024] S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-04-10 104576] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S4 mchinjdrv;mchinjdrv; \??\C:\DOCUME~1\cedric\LOCALS~1\Temp\mc23.tmp [] S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 antivirscheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 antivirservice;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-02-12 344064] R2 AvidSDMService;Avid SDM Service; C:\WINDOWS\system32\AvidSDMService.exe [2003-05-01 57344] R2 driver;driver; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-10-08 794624] R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-29 152984] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-10-08 483328] R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-10-08 1183744] R2 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] S2 AvidStartup;Avid Startup; C:\WINDOWS\system32\AvidStartup.exe [2003-07-02 241664] S2 gupdate1c985d81c5efe6c;Google Update Service (gupdate1c985d81c5efe6c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-03 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-08-07 68096] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-02 29744] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920] S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-01-13 1079176] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] S4 Aspmpusb;Aspmpusb; C:\WINDOWS\system32\drivers\msfs.sys [2004-08-05 19072] -----------------EOF-----------------
  8. realisateur
    Hello, Le rapport Antivir : Avira AntiVir Personal Date de création du fichier de rapport : jeudi 18 juin 2009 01:34 La recherche porte sur 1468438 souches de virus. Détenteur de la licence :Avira AntiVir PersonalEdition Classic Numéro de série : 0000149996-ADJIE-0001 Plateforme : Windows XP Version de Windows :(Service Pack 2) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur :LIVE Informations de version : BUILD.DAT : 8.2.0.61 17752 Bytes 25/05/2009 13:47:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 07:21:02 AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 12:44:28 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 11:44:18 LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 06:30:28 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:30:38 ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 23:20:06 ANTIVIR2.VDF : 7.1.4.87 2982912 Bytes 12/06/2009 23:20:18 ANTIVIR3.VDF : 7.1.4.107 73728 Bytes 17/06/2009 23:20:20 Version du moteur: 8.2.0.191 AEVDF.DLL : 8.1.1.1 106868 Bytes 17/06/2009 23:20:36 AESCRIPT.DLL : 8.1.2.9 409978 Bytes 17/06/2009 23:20:34 AESCN.DLL : 8.1.2.3 127347 Bytes 17/06/2009 23:20:34 AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 12:58:40 AEPACK.DLL : 8.1.3.18 401783 Bytes 17/06/2009 23:20:32 AEOFFICE.DLL : 8.1.0.38 196987 Bytes 17/06/2009 23:20:30 AEHEUR.DLL : 8.1.0.133 1798520 Bytes 17/06/2009 23:20:30 AEHELP.DLL : 8.1.3.6 205174 Bytes 17/06/2009 23:20:26 AEGEN.DLL : 8.1.1.45 348532 Bytes 17/06/2009 23:20:24 AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 09:05:58 AECORE.DLL : 8.1.6.12 180599 Bytes 17/06/2009 23:20:22 AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 09:05:58 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 07:40:04 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 08:28:00 AVREP.DLL : 8.0.0.3 155688 Bytes 17/06/2009 23:20:20 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 10:26:38 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 07:29:20 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 11:27:48 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 16:28:04 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 11:49:38 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 11:05:08 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 06:23:18 RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 09:08:44 Configuration pour la recherche actuelle : Nom de la tâche..................: Contrôle intégral du système Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp Documentation....................: bas Action principale................: interactif Action secondaire................: ignorer Recherche sur les secteurs d'amorçage maître: marche Recherche sur les secteurs d'amorçage: marche Secteurs d'amorçage..............: C:, D:, Recherche dans les programmes actifs: marche Recherche en cours sur l'enregistrement: marche Recherche de Rootkits............: marche Fichier mode de recherche........: Tous les fichiers Recherche sur les archives.......: marche Limiter la profondeur de récursivité: 20 Archive Smart Extensions.........: marche Types d'archives divergents......: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Heuristique de macrovirus........: marche Heuristique fichier..............: moyen Catégories de dangers divergentes: +APPL,+GAME,+JOKE,+PCK,+SPR, Début de la recherche : jeudi 18 juin 2009 01:34 La recherche d'objets cachés commence. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\glaide32\type [iNFO] L'entrée d'enregistrement n'est pas visible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\glaide32\start [iNFO] L'entrée d'enregistrement n'est pas visible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\glaide32\errorcontrol [iNFO] L'entrée d'enregistrement n'est pas visible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\glaide32\imagepath [iNFO] L'entrée d'enregistrement n'est pas visible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\glaide32\extparamd [iNFO] L'entrée d'enregistrement n'est pas visible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\glaide32\f96zk6npb [iNFO] L'entrée d'enregistrement n'est pas visible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\glaide32\Security\security [iNFO] L'entrée d'enregistrement n'est pas visible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\glaide32\type [iNFO] L'entrée d'enregistrement n'est pas visible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\glaide32\start [iNFO] L'entrée d'enregistrement n'est pas visible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\glaide32\errorcontrol [iNFO] L'entrée d'enregistrement n'est pas visible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\glaide32\imagepath [iNFO] L'entrée d'enregistrement n'est pas visible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\glaide32\extparamd [iNFO] L'entrée d'enregistrement n'est pas visible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\glaide32\f96zk6npb [iNFO] L'entrée d'enregistrement n'est pas visible. HKEY_LOCAL_MACHINE\System\ControlSet001\Services\glaide32\Security\security [iNFO] L'entrée d'enregistrement n'est pas visible. '80517' objets ont été contrôlés, '14' objets cachés ont été trouvés. La recherche sur les processus démarrés commence : Processus de recherche 'GUARDGUI.EXE' - '1' module(s) sont contrôlés Processus de recherche 'GUARDGUI.EXE' - '1' module(s) sont contrôlés Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'chrome.exe' - '1' module(s) sont contrôlés Processus de recherche 'chrome.exe' - '1' module(s) sont contrôlés Processus de recherche 'chrome.exe' - '1' module(s) sont contrôlés Processus de recherche 'TosBtProc.exe' - '1' module(s) sont contrôlés Processus de recherche 'TosOBEX.exe' - '1' module(s) sont contrôlés Processus de recherche 'TosBtHSP.exe' - '1' module(s) sont contrôlés Processus de recherche 'TosA2dp.exe' - '1' module(s) sont contrôlés Processus de recherche 'TosBtMng.exe' - '1' module(s) sont contrôlés Processus de recherche 'GoogleUpdate.exe' - '1' module(s) sont contrôlés Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés Processus de recherche 'qtwengophone.exe' - '1' module(s) sont contrôlés Processus de recherche 'TeaTimer.exe' - '1' module(s) sont contrôlés Processus de recherche 'SuperCopier2.exe' - '1' module(s) sont contrôlés Processus de recherche 'Skype.exe' - '1' module(s) sont contrôlés Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés Processus de recherche 'MsnMsgr.Exe' - '1' module(s) sont contrôlés Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés Processus de recherche 'AVGNT.EXE' - '1' module(s) sont contrôlés Processus de recherche 'MSTRE19.EXE' - '1' module(s) sont contrôlés Processus de recherche 'wcescomm.exe' - '1' module(s) sont contrôlés Processus de recherche 'Dot1XCfg.exe' - '1' module(s) sont contrôlés Processus de recherche 'rapimgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'GoogleDesktop.exe' - '1' module(s) sont contrôlés Processus de recherche 'FxSvr2.exe' - '1' module(s) sont contrôlés Processus de recherche 'LogiTray.exe' - '1' module(s) sont contrôlés Processus de recherche 'LVCOMSX.EXE' - '1' module(s) sont contrôlés Processus de recherche 'realsched.exe' - '1' module(s) sont contrôlés Processus de recherche 'qttask.exe' - '1' module(s) sont contrôlés Processus de recherche 'iFrmewrk.exe' - '1' module(s) sont contrôlés Processus de recherche 'ZCfgSvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'GoogleDesktop.exe' - '1' module(s) sont contrôlés Processus de recherche 'TomTomHOME.exe' - '1' module(s) sont contrôlés Processus de recherche 'ATKOSD.exe' - '1' module(s) sont contrôlés Processus de recherche 'SOUNDMAN.EXE' - '1' module(s) sont contrôlés Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés Processus de recherche 'PDVDServ.exe' - '1' module(s) sont contrôlés Processus de recherche 'cledx.exe' - '1' module(s) sont contrôlés Processus de recherche 'BatteryLife.exe' - '1' module(s) sont contrôlés Processus de recherche 'atiptaxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'SynTPEnh.exe' - '1' module(s) sont contrôlés Processus de recherche 'SynTPLpr.exe' - '1' module(s) sont contrôlés Processus de recherche 'wcourier.exe' - '1' module(s) sont contrôlés Processus de recherche 'ALU.exe' - '1' module(s) sont contrôlés Processus de recherche 'HControl.exe' - '1' module(s) sont contrôlés Processus de recherche 'wmiapsrv.exe' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'wdfmgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'tcpsvcs.exe' - '1' module(s) sont contrôlés Processus de recherche 'RegSrvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés Processus de recherche 'EvtEng.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'AvidSDMService.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'GoogleUpdate.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'Explorer.EXE' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'Ati2evxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'S24EvMon.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'Ati2evxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'SMSS.EXE' - '1' module(s) sont contrôlés '77' processus ont été contrôlés avec '77' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'D:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence. Le registre a été contrôlé ( '73' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' C:\hiberfil.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\WINDOWS\system32\drivers\glaide32.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\WINDOWS\system32\drivers\sptd.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\WINDOWS\Temp\wpv661243627542.exe [RESULTAT] Contient le modèle de détection du dropper DR/Agent.bks [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4aaf7f5a.qua' ! C:\Documents and Settings\cedric\Bureau\SmitfraudFix\restart.exe [RESULTAT] Contient le modèle de détection du programme SPR/Tool.Hardoff.A [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4aac852b.qua' ! C:\Program Files\driver\driver.sys [RESULTAT] Contient le cheval de Troie TR/Agent.clsj.B [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4aa2865a.qua' ! C:\Program Files\driver\driver.dll [RESULTAT] Contient le modèle de détection du programme backdoor (dangereux) BDS/Backdoor.Gen [AVERTISSEMENT] Erreur lors de la création d'une copie de sécurité du fichier. Le fichier n'a pas été supprimé. Code d'erreur : 26003 [AVERTISSEMENT] Impossible de supprimer le fichier! [REMARQUE] Tentative en cours d'exécuter l'action à l'aide de la bibliothèque ARK. [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4aa2865b.qua' ! C:\System Volume Information\_restore{28B1478C-A929-432D-B839-87374FE3AB90}\RP510\A0227500.exe [RESULTAT] Contient le cheval de Troie TR/Downloader.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a6b8841.qua' ! C:\System Volume Information\_restore{28B1478C-A929-432D-B839-87374FE3AB90}\RP510\A0228520.sys [RESULTAT] Contient le cheval de Troie TR/Agent.clsj.B [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a6b8843.qua' ! C:\System Volume Information\_restore{28B1478C-A929-432D-B839-87374FE3AB90}\RP510\A0228521.dll [RESULTAT] Contient le modèle de détection du programme backdoor (dangereux) BDS/Backdoor.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49fba274.qua' ! C:\System Volume Information\_restore{28B1478C-A929-432D-B839-87374FE3AB90}\RP512\A0229590.EXE [RESULTAT] Contient le modèle de détection du ver WORM/Koobface.aal [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a6b8846.qua' ! C:\System Volume Information\_restore{28B1478C-A929-432D-B839-87374FE3AB90}\RP512\A0229592.exe [RESULTAT] Contient le cheval de Troie TR/Dldr.Agent.HBR.2 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a6b8847.qua' ! C:\System Volume Information\_restore{28B1478C-A929-432D-B839-87374FE3AB90}\RP512\A0229600.exe [RESULTAT] Contient le modèle de détection du programme SPR/Tool.Hardoff.A [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '49fba278.qua' ! C:\System Volume Information\_restore{28B1478C-A929-432D-B839-87374FE3AB90}\RP512\A0229601.sys [RESULTAT] Contient le cheval de Troie TR/Agent.clsj.B [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a6b8849.qua' ! C:\FOUND.022\FILE0243.CHK [RESULTAT] Contient le code suspect : HEUR/HTML.Malware [REMARQUE] Le résultat positif a été classé comme suspect. [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a85887d.qua' ! C:\FOUND.022\FILE0275.CHK [RESULTAT] Contient le code suspect : HEUR/HTML.Malware [REMARQUE] Le résultat positif a été classé comme suspect. [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a85887e.qua' ! C:\FOUND.022\FILE0279.CHK [RESULTAT] Contient le code suspect : HEUR/HTML.Malware [REMARQUE] Le résultat positif a été classé comme suspect. [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4911f1df.qua' ! C:\FOUND.022\FILE0293.CHK [RESULTAT] Contient le code suspect : HEUR/HTML.Malware [REMARQUE] Le résultat positif a été classé comme suspect. [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a858840.qua' ! C:\FOUND.022\FILE0304.CHK [RESULTAT] Contient le code suspect : HEUR/HTML.Malware [REMARQUE] Le résultat positif a été classé comme suspect. [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a85887f.qua' ! C:\FOUND.022\FILE0305.CHK [RESULTAT] Contient le code suspect : HEUR/HTML.Malware [REMARQUE] Le résultat positif a été classé comme suspect. [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4911f120.qua' ! C:\FOUND.022\FILE0317.CHK [RESULTAT] Contient le code suspect : HEUR/HTML.Malware [REMARQUE] Le résultat positif a été classé comme suspect. [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a858880.qua' ! C:\FOUND.022\FILE0323.CHK [RESULTAT] Contient le code suspect : HEUR/HTML.Malware [REMARQUE] Le résultat positif a été classé comme suspect. [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4911f121.qua' ! C:\smitfraudfix\restart.exe [RESULTAT] Contient le modèle de détection du programme SPR/Tool.Hardoff.A [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4aac88aa.qua' ! Recherche débutant dans 'D:\' D:\Site Radio Tennis\radiotennis\install\index.php [RESULTAT] Contient le code suspect : HEUR/HTML.Malware [REMARQUE] Le résultat positif a été classé comme suspect. [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a9d8980.qua' ! Fin de la recherche : jeudi 18 juin 2009 02:24 Temps nécessaire: 50:11 Minute(s) La recherche a été effectuée intégralement 10724 Les répertoires ont été contrôlés 316240 Des fichiers ont été contrôlés 12 Des virus ou programmes indésirables ont été trouvés 9 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 21 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 4 Impossible de contrôler des fichiers 316215 Fichiers non infectés 7762 Les archives ont été contrôlées 5 Avertissements 21 Consignes 80517 Des objets ont été contrôlés lors du Rootkitscan 14 Des objets cachés ont été trouvés
  9. realisateur
    Slt, Non je confirme c'est tout ce que j'ai dans le rapport. Peut-etre que quelque chose ne s'est pas passé comme attendu. En tout cas merci encore pour ton temps.
  10. realisateur
    Merci de ton aide. Voici le rapport Combofix : ComboFix 09-06-16.05 - cedric 17/06/2009 12:57:47.1 - FAT32x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1023.364 [GMT 2:00] Lancé depuis: C:\Documents and Settings\cedric\Bureau\Combo-Fix.exe . Les fichiers ci-dessous ont été désactivés pendant l'exécution: C:\Program Files\SuperCopier2\SC2Hook.dll (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\PROGRA~1\FICHIE~1\{70DA0~1 C:\Program Files\fnts~1 C:\WINDOWS\system32\dobe~1 C:\WINDOWS\system32\dobe~2 C:\Documents and Settings\cedric\Application Data\wiaserva.log C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe C:\WINDOWS\freddy46.exe C:\WINDOWS\ld09.exe C:\WINDOWS\mstre19.exe C:\WINDOWS\system32\bdmkftyg.ini C:\WINDOWS\system32\bjrmpauj.ini C:\WINDOWS\system32\bpetyikc.ini C:\WINDOWS\system32\dpapsoyl.ini C:\WINDOWS\system32\dumphive.exe C:\WINDOWS\system32\fifngbsm.ini C:\WINDOWS\system32\ikqvrfwc.ini C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\Process.exe C:\WINDOWS\system32\SrchSTS.exe C:\WINDOWS\system32\sxwgotet.ini C:\WINDOWS\system32\tmp.reg C:\WINDOWS\system32\ugpwrgyd.ini C:\WINDOWS\system32\umyfvimr.ini C:\WINDOWS\zaponce52597.dat C:\WINDOWS\zaponce52621.dat C:\WINDOWS\zaponce52689.dat . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_COM+_MESSAGES -------\Legacy_DRIVER -------\Legacy_NPF -------\Legacy_VWSERVICE -------\Service_driver -------\Service_vwservice ((((((((((((((((((((((((((((( Fichiers créés du 2009-05-17 au 2009-06-17 ))))))))))))))))))))))))))))))))))))
  11. realisateur
    Merci de ton aide. Voici le rapport Combofix : ComboFix 09-06-16.05 - cedric 17/06/2009 12:57:47.1 - FAT32x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1023.364 [GMT 2:00] Lancé depuis: C:\Documents and Settings\cedric\Bureau\Combo-Fix.exe . Les fichiers ci-dessous ont été désactivés pendant l'exécution: C:\Program Files\SuperCopier2\SC2Hook.dll (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\PROGRA~1\FICHIE~1\{70DA0~1 C:\Program Files\fnts~1 C:\WINDOWS\system32\dobe~1 C:\WINDOWS\system32\dobe~2 C:\Documents and Settings\cedric\Application Data\wiaserva.log C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe C:\WINDOWS\freddy46.exe C:\WINDOWS\ld09.exe C:\WINDOWS\mstre19.exe C:\WINDOWS\system32\bdmkftyg.ini C:\WINDOWS\system32\bjrmpauj.ini C:\WINDOWS\system32\bpetyikc.ini C:\WINDOWS\system32\dpapsoyl.ini C:\WINDOWS\system32\dumphive.exe C:\WINDOWS\system32\fifngbsm.ini C:\WINDOWS\system32\ikqvrfwc.ini C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\Process.exe C:\WINDOWS\system32\SrchSTS.exe C:\WINDOWS\system32\sxwgotet.ini C:\WINDOWS\system32\tmp.reg C:\WINDOWS\system32\ugpwrgyd.ini C:\WINDOWS\system32\umyfvimr.ini C:\WINDOWS\zaponce52597.dat C:\WINDOWS\zaponce52621.dat C:\WINDOWS\zaponce52689.dat . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_COM+_MESSAGES -------\Legacy_DRIVER -------\Legacy_NPF -------\Legacy_VWSERVICE -------\Service_driver -------\Service_vwservice ((((((((((((((((((((((((((((( Fichiers créés du 2009-05-17 au 2009-06-17 )))))))))))))))))))))))))))))))))))) .
  12. realisateur
    Bonjour à tous, Depuis ce matin je me retouve avec le même probleme que http://forum.zebulon.fr/resolu-redirection...ed#entry1392532. Lors d'une recherche Google la redirection passe par http://successfullytowork.net et termine sur une page de dictionnaire ou retour à la case Google. J'ai lu que je n'était pas le seul à avoir ce problême et qu'il y avait même des solutions ! Pour autant ne sacahant pas lire les rapports hijack y aurait-il une ame charitable prete à m'aider à me débarraser de ce malware ? En suivant la procédure détaillée je commence par poster : Par avance, merci Logfile of random's system information tool 1.06 (written by random/random) Run by cedric at 2009-06-17 11:18:10 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 5 GB (10%) free of 45 GB Total RAM: 1023 MB (25% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:18:22, on 17/06/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\AvidSDMService.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\ATK0100\HControl.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\ASUS\Wireless Console\wcourier.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\System32\alg.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\WengoPhone\qtwengophone.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\PROGRA~1\MICROS~4\rapimgr.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe C:\WINDOWS\system32\wuauclt.exe c:\windows\freddy46.exe C:\Program Files\Internet Explorer\iexplore.exe c:\windows\mstre19.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\cedric\Bureau\RSIT.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\trend micro\cedric.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {0BDFA6A8-D910-7F03-E1EF-0862DA76EC64} - (no file) O2 - BHO: (no name) - {14CE8969-8B41-380F-9DA8-08E729ABC196} - (no file) O2 - BHO: (no name) - {158996E7-8E06-4119-8935-849CF71B46F9} - (no file) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {363AE83D-6ECF-1E57-8F6E-032C8E9056F8} - (no file) O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: (no name) - {4C1FD760-D260-117C-2C4B-08A8CF2CF25E} - (no file) O2 - BHO: (no name) - {4D8F8AD2-9EB0-43B1-A4BC-75B80CA6C157} - (no file) O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - (no file) O2 - BHO: (no name) - {713A7346-6EE8-4C5C-BD80-D9BBF6786012} - (no file) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O2 - BHO: (no name) - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - (no file) O2 - BHO: (no name) - {FB3BDDEF-DCA7-42E7-AB80-B7A783938E26} - (no file) O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1 O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WengoPhoneNG] C:\Program Files\WengoPhone\qtwengophone.exe -b O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: rncsys32.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Video URL Extractor - {F6E600B5-48EA-421A-AF6A-61948BB737F3} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Video URL Extractor... - {F6E600B5-48EA-421A-AF6A-61948BB737F3} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} - O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.ipernity.com/E/Applets/Uploader...oader4.cab?v4.7 O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\ O20 - Winlogon Notify: jkkkkki - C:\WINDOWS\ O20 - Winlogon Notify: vturr - C:\WINDOWS\ O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\WINDOWS\system32\AvidSDMService.exe O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINDOWS\system32\AvidStartup.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate1c985d81c5efe6c) (gupdate1c985d81c5efe6c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe -- End of file - 16468 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\WGASetup.job C:\WINDOWS\tasks\Norton Security Scan for cedric.job C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1043688568-3843691352-3439686833-1004.job C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDFA6A8-D910-7F03-E1EF-0862DA76EC64}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14CE8969-8B41-380F-9DA8-08E729ABC196}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{158996E7-8E06-4119-8935-849CF71B46F9}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-09-28 308832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{363AE83D-6ECF-1E57-8F6E-032C8E9056F8}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4C1FD760-D260-117C-2C4B-08A8CF2CF25E}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D8F8AD2-9EB0-43B1-A4BC-75B80CA6C157}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}] Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2007-07-31 1933256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-08-14 1562448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57E218E6-5A80-4f0c-AB25-83598F25D7E9}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{713A7346-6EE8-4C5C-BD80-D9BBF6786012}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-03 259696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}] IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2007-08-16 110592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-29 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}] FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2005-05-04 191096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB3BDDEF-DCA7-42E7-AB80-B7A783938E26}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2007-07-31 1933256] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-03 259696] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-04-12 102400] "ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2003-09-19 172032] "Wireless Console"=C:\Program Files\ASUS\Wireless Console\wcourier.exe [2005-03-02 57344] "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-12-22 98394] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-12-22 688218] "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-02-12 339968] "Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2004-09-21 81920] "H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-05-11 200069] "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-29 148888] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-11-05 73728] "PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg [] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "TomTomHOME.exe"=C:\Program Files\TomTom HOME\TomTomHOME.exe [2007-03-14 3770024] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-02 29744] "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-10-08 995328] "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-10-08 1101824] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-12-03 282624] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-09-28 185872] "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-01-19 221184] "LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-01-19 458752] "LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-19 217088] "!AVG Anti-Spyware"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe /minimized [] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-13 68856] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-02-12 21898024] "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "WengoPhoneNG"=C:\Program Files\WengoPhone\qtwengophone.exe [2006-12-11 6254592] "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-02 29744] "H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360] "Google Update"=C:\Documents and Settings\cedric\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-12 133104] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-08 251240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrintDrive] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Soec] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] C:\WINDOWS\SOUNDMAN.EXE [2004-11-05 73728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundService] C:\WINDOWS\system32\gytfkmdb.dll,setvm [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VaCtrls] v7 [] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe C:\Documents and Settings\cedric\Menu Démarrer\Programmes\Démarrage rncsys32.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-02-12 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jkkkkki] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vturr] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-05 240128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{4D8F8AD2-9EB0-43B1-A4BC-75B80CA6C157}"= [] "{713A7346-6EE8-4C5C-BD80-D9BBF6786012}"= [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger" "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe"="C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe:*:Enabled:Dreamweaver MX 2004" "C:\Program Files\FlashFXP\flashfxp.exe"="C:\Program Files\FlashFXP\flashfxp.exe:*:Enabled:FlashFXP v3" "C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe"="C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe:*:Enabled:Lecteur CANALPLAY" "C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe"="C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe:*:Enabled:Lecteur CANALPLAY Helper" "C:\Program Files\FTP Commander\Ftpcomm.exe"="C:\Program Files\FTP Commander\Ftpcomm.exe:*:Enabled:Ftpcomm" "C:\Program Files\ASUS\ASUS Live Update\LiveUpdt.exe"="C:\Program Files\ASUS\ASUS Live Update\LiveUpdt.exe:*:Enabled:LiveUpdt" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\DOCUME~1\cedric\LOCALS~1\Temp\winCB.tmp.exe"="C:\DOCUME~1\cedric\LOCALS~1\Temp\winCB.tmp.exe:*:Enabled:winCB.tmp" "C:\WINDOWS\TEMP\win18.tmp.exe"="C:\WINDOWS\TEMP\win18.tmp.exe:*:Enabled:win18.tmp" "C:\WINDOWS\TEMP\win165.tmp.exe"="C:\WINDOWS\TEMP\win165.tmp.exe:*:Enabled:win165.tmp" "C:\Program Files\WengoPhone\qtwengophone.exe"="C:\Program Files\WengoPhone\qtwengophone.exe:*:Enabled:WengoPhone" "C:\WINDOWS\TEMP\winF2A.tmp.exe"="C:\WINDOWS\TEMP\winF2A.tmp.exe:*:Enabled:winF2A.tmp" "C:\Program Files\Pinnacle\MediaCenter\Pmc.exe"="C:\Program Files\Pinnacle\MediaCenter\Pmc.exe:LocalSubNet:Enabled:Pmc.exe" "C:\Program Files\Pinnacle\MediaCenter\PSST.exe"="C:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Enabled:PSST.exe" "C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe"="C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe" "C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe"="C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe:LocalSubNet:Enabled:PMC.Tvtv.Wizard.exe" "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService" "C:\WINDOWS\TEMP\winF2C.tmp.exe"="C:\WINDOWS\TEMP\winF2C.tmp.exe:*:Enabled:winF2C.tmp" "C:\WINDOWS\TEMP\win111B.tmp.exe"="C:\WINDOWS\TEMP\win111B.tmp.exe:*:Enabled:win111B.tmp" "C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI" "C:\Program Files\Resolume-2-2\resolume.exe"="C:\Program Files\Resolume-2-2\resolume.exe:*:Enabled:Resolume 2.2" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\Program Files\RayV\RayV\RayV.exe"="C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV" "C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin" "C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\CEDRIC\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. The whole world can talk for free." [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\FlashFXP\flashfxp.exe"="C:\Program Files\FlashFXP\flashfxp.exe:*:Enabled:FlashFXP v3" "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a31aaf4-3628-11de-8da7-0012f07a0f3b}] shell\AutoRun\command - I:\VMC_PBStarter.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a31aaf5-3628-11de-8da7-0012f07a0f3b}] shell\AutoRun\command - I:\VMC_PBStarter.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a4fdbca-a40a-11dc-8a79-0012f07a0f3b}] shell\AutoRun\command - I:\VMC_PBStarter.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a4fdbcb-a40a-11dc-8a79-0012f07a0f3b}] shell\AutoRun\command - I:\VMC_PBStarter.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a4fdbcc-a40a-11dc-8a79-0012f07a0f3b}] shell\AutoRun\command - I:\VMC_PBStarter.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a018e06-99af-11dc-8a4d-0002c76824ed}] shell\AutoRun\command - I:\VMC_PBStarter.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47962c2e-99c3-11dc-8a51-0002c76824ed}] shell\AutoRun\command - I:\VMC_PBStarter.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4c266218-bd04-11dc-8ab3-0012f07a0f3b}] shell\AutoRun\command - I:\VMC_PBStarter.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4e6f6170-99a8-11dc-8a4b-0002c76824ed}] shell\AutoRun\command - I:\VMC_PBStarter.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{512404fa-9c39-11dc-8a58-0002c76824ed}] shell\AutoRun\command - I:\VMC_PBStarter.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{512404fb-9c39-11dc-8a58-0002c76824ed}] shell\AutoRun\command - I:\VMC_PBStarter.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83cec3ae-47fc-11dc-8967-0012f07a0f3b}] shell\Auto\command - I:\RavMonE.exe e shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3c0f658-99c0-11dc-8a50-0012f07a0f3b}] shell\AutoRun\command - I:\VMC_PBStarter.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cefe60fa-0251-11dc-88b0-0012f07a0f3b}] shell\Auto\command - AdobeR.exe e shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e ======File associations====== .js - open - ======List of files/folders created in the last 1 months====== 2009-06-17 11:18:11 ----D---- C:\Program Files\trend micro 2009-06-17 11:18:10 ----D---- C:\rsit 2009-06-17 10:41:30 ----H---- C:\WINDOWS\mstre19.exe 2009-06-17 10:41:30 ----D---- C:\Program Files\driver 2009-06-17 10:41:27 ----H---- C:\WINDOWS\freddy46.exe 2009-06-17 10:37:54 ----SHD---- C:\FOUND.046 2009-06-17 10:32:02 ----H---- C:\WINDOWS\ld09.exe 2009-06-15 17:19:17 ----D---- C:\Documents and Settings\cedric\Application Data\AVS4YOU 2009-06-15 17:19:10 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU 2009-06-15 17:13:59 ----D---- C:\Program Files\Fichiers communs\AVSMedia 2009-06-15 17:13:59 ----D---- C:\Program Files\AVS4YOU 2009-06-11 00:01:03 ----HD---- C:\WINDOWS\$NtUninstallKB961501$ 2009-06-11 00:00:46 ----HD---- C:\WINDOWS\$NtUninstallKB969897$ 2009-06-11 00:00:38 ----HD---- C:\WINDOWS\$NtUninstallKB969898$ 2009-06-10 23:59:04 ----HD---- C:\WINDOWS\$NtUninstallKB970238$ 2009-06-10 23:59:00 ----A---- C:\WINDOWS\imsins.BAK 2009-06-10 23:58:55 ----HD---- C:\WINDOWS\$NtUninstallKB968537$ 2009-06-10 13:15:56 ----SHD---- C:\FOUND.045 2009-06-08 11:13:18 ----SHD---- C:\FOUND.044 2009-05-29 09:13:49 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-05-18 13:45:38 ----SHD---- C:\FOUND.043 ======List of files/folders modified in the last 1 months====== 2009-06-16 13:18:50 ----A---- C:\WINDOWS\lexstat.ini 2009-06-15 17:44:56 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-06-15 12:11:38 ----A---- C:\WINDOWS\NeroDigital.ini 2009-06-01 18:51:12 ----A---- C:\WINDOWS\system32\MRT.exe 2009-05-29 09:13:46 ----A---- C:\WINDOWS\system32\javaws.exe 2009-05-29 09:13:46 ----A---- C:\WINDOWS\system32\javaw.exe 2009-05-29 09:13:46 ----A---- C:\WINDOWS\system32\java.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2001-02-01 25244] R1 driverdrv;driverdrv; \??\C:\Program Files\driver\driver.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320] R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2004-10-05 62799] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-11-16 21361] R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [] R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-09-02 13059] R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-08-27 12288] R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2004-09-10 84064] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-05 2284864] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-02-12 986624] R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792] R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-09-02 1041536] R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-09-02 200064] R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2005-01-09 46592] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-12-22 186240] R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-01-08 51582] R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-01-17 98304] R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2004-07-09 36531] R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2004-11-16 50048] R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612] R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2004-12-22 34816] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 w29n51;Pilote de carte de connexion réseau Intel® PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2007-07-25 2210048] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-09-02 685056] R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\yukonwxp.sys [2004-06-01 142464] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848] S1 PDIDRV;PDIDRV; C:\WINDOWS\system32\drivers\PDIDRV.sys [] S2 Nsynas32;Nsynas32; C:\WINDOWS\system32\drivers\Nsynas32.sys [2001-04-09 17784] S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128] S3 Asushwio;Asushwio; \??\C:\WINDOWS\system32\drivers\Asushwio.sys [] S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912] S3 AVCSTRM;AVC Streaming Filter Driver; C:\WINDOWS\system32\DRIVERS\avcstrm.sys [2004-08-03 13696] S3 camvid20;Philips ToUcam Camera; Video; C:\WINDOWS\system32\DRIVERS\camdrv21.sys [2001-08-17 223232] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 CO_Mon;CO_Mon; \??\C:\WINDOWS\system32\Drivers\CO_Mon.sys [] S3 cxwibu;Team H2O WIBU Driver; \??\C:\Program Files\WIBUKEY\H2O\cxwibu.sys [] S3 EchoIndigoIO;Echo Indigo io Service; C:\WINDOWS\system32\drivers\echondgo.sys [2003-08-25 124160] S3 hdsp;RME Hammerfall Audio Device; C:\WINDOWS\system32\DRIVERS\hdsp.sys [] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-04-20 100992] S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2009-01-13 40840] S3 IKSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2009-01-13 66952] S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2009-01-13 81288] S3 LMASFltr;LMASFltr; C:\WINDOWS\system32\drivers\LMASFltr.sys [] S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-04-01 22016] S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [] S3 MMAUSB;M-Audio USB ASIO Driver; C:\WINDOWS\System32\Drivers\MMAUSB.SYS [] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360] S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328] S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016] S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\WINDOWS\system32\DRIVERS\mstape.sys [2004-08-03 49024] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-05 40320] S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-04-01 7072] S3 phil2vid;Appareil photo VGA USB Philips PCVC690; C:\WINDOWS\system32\DRIVERS\philcam2.sys [2001-08-17 173696] S3 PID_08A0;Labtec WebCam(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-04-01 913280] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2002-10-17 2851] S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2004-12-16 50048] S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800] S3 USB28xxBGA;Pinnacle PCTV DVB-T USB Stick; C:\WINDOWS\system32\DRIVERS\emBDA.sys [2005-11-22 209408] S3 USB28xxOEM;USB 28xx OEM Filter; C:\WINDOWS\system32\DRIVERS\emOEM.sys [2005-11-22 17792] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024] S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-04-10 104576] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\cedric\LOCALS~1\Temp\mc25.tmp [] S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-02-12 344064] R2 AvidSDMService;Avid SDM Service; C:\WINDOWS\system32\AvidSDMService.exe [2003-05-01 57344] R2 driver;driver; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-10-08 794624] R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-29 152984] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-10-08 483328] R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-10-08 1183744] R2 SimpTcp;Services TCP/IP simplifiés; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-05 19456] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] S2 AvidStartup;Avid Startup; C:\WINDOWS\system32\AvidStartup.exe [2003-07-02 241664] S2 gupdate1c985d81c5efe6c;Google Update Service (gupdate1c985d81c5efe6c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-03 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-08-07 68096] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-02 29744] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920] S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-01-13 1079176] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] S4 Aspmpusb;Aspmpusb; C:\WINDOWS\system32\drivers\msfs.sys [2004-08-05 19072] S4 vwservice;vwservice; C:\WINDOWS\system32\vwsrv.exe [] -----------------EOF----------------- info.txt logfile of random's system information tool 1.06 2009-06-17 11:18:24 ======Uninstall list====== -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\UninstIPP.isu -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNNMP.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 3.0.1.2-->"C:\WINDOWS\unins000.exe" 3Prong AVX Plug-Ins-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\3PV101.INF, DefaultUninstall.ntx86 4Front Mastering Bundle DX VST v1.0-->C:\PROGRA~1\STEINB~1\VSTPLU~1\4FRONT\MASTER~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\4FRONT\MASTER~1\INSTALL.LOG 4Front Piano Module 1.0 VSTi-->"C:\Program Files\Steinberg\VSTPlugins\unins000.exe" 7-Zip 4.42-->"C:\Program Files\7-Zip\Uninstall.exe" Ad-Aware SE Personal-->MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747} Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll" Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E} Adobe Atmosphere Player for Acrobat and Adobe Reader-->C:\WINDOWS\atmoUn.exe Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x9 Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003} Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log AgileMessenger-->C:\Program Files\Microsoft ActiveSync\AgileMessenger\Uninstall.exe AgileMessenger AIDA32 v3.93-->"C:\Program Files\AIDA32 - Personal System Information\unins000.exe" Algorithmix Plugin Bundle 1.3-->C:\PROGRA~1\ALGORI~1\ALGORI~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\ALGORI~1\ALGORI~1\UNINST~1\INSTALL.LOG Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe ArtsAcoustic Reverb 1.1.1-->C:\Program Files\ArtsAcoustic Reverb\uninst.exe Arturia Moog Modular V2 v1.0-->C:\PROGRA~1\ARTURIA\MOOGMO~1\UNWISE.EXE C:\PROGRA~1\ARTURIA\MOOGMO~1\INSTALL.LOG ASUS Live Update-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\ASUS Live Update\Uninst.isu" -c"C:\Program Files\ASUS\ASUS Live Update\Uninst.dll" ASUS Probe V2.11-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\ASUS Probe\Uninst.isu" ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe Audacity Recovery Utility-->"C:\Program Files\Audacity Recovery Utility\unins000.exe" Avid Codecs LE-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE64A793-CD35-4950-B878-C9D1A4AC9ECC}\SETUP.exe" -l0x9 -removeonly Avid Xpress Pro-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE858D4-4C6B-4454-9A99-811AC3C476A8}\SETUP.EXE" -l0x9 Avidemux 2.4-->C:\Program Files\Avidemux 2.4\uninstall.exe Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} Camtasia Studio 5-->MsiExec.exe /I{7BB40A22-8D98-43F9-A08A-E7EFF5AB1324} Canopus Codec Option-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{772E9146-D676-4869-A298-047FF2A2B92D}\setup.exe" -l0x9 CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif Windows XP - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Correctif Windows XP - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe Correctif Windows XP - KB893086-->"C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe" discoDSP Discovery v2.6-->"C:\Program Files\Steinberg\VstPlugins\discoDSP\unins000.exe" DiscoDSP FX Bundle v1.0a-->C:\PROGRA~1\STEINB~1\VSTPLU~1\DISCODSP\DISCOD~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\DISCODSP\DISCOD~1\INSTALL.LOG discoDSP HighLife v1.3-->"C:\Program Files\Steinberg\VstPlugins\discoDSP\unins001.exe" DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN DJ Mix Lite-->C:\Program Files\DJ Mix Lite\uninstall.exe DVD Flick-->"C:\Program Files\DVD Flick\unins000.exe" DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe" EasyPHP 2.0b1-->"C:\Program Files\EasyPHP 2.0b1\unins000.exe" EasyRecovery Professional-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A8BB9906-E618-406A-B161-7383AFF46C39} /l1036 Echo Indigo Driver-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{33FF64C3-1DFD-42A0-8EAE-CF2B51BDDC04} Everest Poker (Remove Only)-->C:\Program Files\Everest Poker\cstart.exe /uninstall ffdshow-->"C:\Program Files\ffdshow\uninstall.exe" FileZilla Client 3.0.4.1-->C:\Program Files\FileZilla Client\uninstall.exe FlashFXP v3-->"C:\Program Files\FlashFXP\unins000.exe" Flickr Uploadr 3.0.2-->"C:\Program Files\Flickr Uploadr\uninstall.exe" Fontlist-->"C:\Program Files\FontList\uninstall.exe" Fraps-->"C:\Program Files\fraps\uninstall.exe" FreeDial-->"C:\Program Files\FreeDial\FreeDial.exe" -uninstall GoldWave v5.16-->"C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.16" "C:\Program Files\GoldWave\unstall.log" Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall Google Earth Plugin-->MsiExec.exe /I{CFA3D1B0-415C-11DE-8251-005056806466} Google Talk Plugin-->MsiExec.exe /I{5012BC0C-7E1A-329A-8F02-B6846070C5F8} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} GRM TOOLS Classic v1.6-->C:\PROGRA~1\STEINB~1\VSTPLU~1\GRMTOO~1\GRMCLA~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\GRMTOO~1\GRMCLA~1\INSTALL.LOG GRM TOOLS ST v1.6-->C:\PROGRA~1\STEINB~1\VSTPLU~1\GRMTOO~2\GRMST~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\GRMTOO~2\GRMST~1\INSTALL.LOG Hercules Mobile DJ Mix 1.0.7-->"C:\Program Files\Hercules\MobileDJMix\unins000.exe" HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Windows XP (KB909394)-->"C:\WINDOWS\$NtUninstallKB909394$\spuninst\spuninst.exe" Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe" J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110} Java 2 Runtime Environment Standard Edition v1.3.0_02-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\JavaSoft\JRE\1.3.0_02\Uninst.isu" Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF} Knoll Light Factory AVX-->C:\WINDOWS\IsUninst.exe -f"c:\program files\avid\avx_plug-ins\Uninst.isu" Knoll Light Factory EZ AVX-->C:\WINDOWS\IsUninst.exe -f"c:\program files\avid\avx_plug-ins\Uninst.isu" Korg_Legacy_Collection_v1.1.6-PLZ-->C:\PROGRA~1\KORG\LEGACY~1\UNWISE.EXE C:\PROGRA~1\KORG\LEGACY~1\INSTALL.LOG KRISTAL Audio Engine-->C:\Program Files\Kreatives.org\KRISTAL Audio Engine\Uninstall.exe Le Centre de Contrôle de Licences de Syncrosoft-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Lexmark 2200 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBVUN5C.EXE -dLexmark 2200 Series Linplug Albino VSTi v2.02-->C:\PROGRA~1\STEINB~1\VSTPLU~1\ALBINO~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\ALBINO~1\INSTALL.LOG LinPlug CronoX VSTi v3.02-->C:\PROGRA~1\STEINB~1\VSTPLU~1\CRONOX~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\CRONOX~1\INSTALL.LOG Logiciel Intel® PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe Logiciel WebCam de Labtec-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF45F502-D3F2-4E7C-91D8-9AA5A8141D08}\setup.exe" -l0x40c Macromedia Extension Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x9 mmUninstall mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779} mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29} mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49} Mega Manager-->C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe -runfromtemp -l0x0009 -removeonly Megaupload Toolbar-->C:\Program Files\MegauploadToolbar\uninstall.exe mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28} Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE} Microsoft FrontPage Express-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\fpxpress.inf, Uninstall Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office 2000 CD-ROM 2-->MsiExec.exe /I{0004040C-78E1-11D2-B60F-006097C998E7} Microsoft Office 2000 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7} Microsoft Pocket MSN-->MsiExec.exe /X{747BE46E-39CE-4FC1-B6FD-5851B4B176C5} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ Run Time Lib Setup-->MsiExec.exe /X{AAF4238F-7C29-451D-9925-C753271A5728} Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB883939)-->"C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB893066)-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899588)-->"C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB903235)-->"C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931768)-->"C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB933566)-->"C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB937143)-->"C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB939653)-->"C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB896727)-->"C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F} mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7} mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} Motamo 4.22-->"C:\Program Files\Motamo\unins000.exe" mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5} mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9} mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83} mSCfg-->MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538} MSN Messenger for Pocket PC 2002-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{AB433D28-2588-4EB8-9502-FBE3F88F2E8B} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96} mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4} MX Skype Recorder v3.2.1-->C:\Program Files\MXSkypeRec\uninstall.exe mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023} Nero Suite-->C:\Program Files\Fichiers communs\Ahead\Uninstall\Setup.exe /uninstall Norton Security Scan (Symantec Corporation)-->"C:\Program Files\Fichiers communs\Symantec Shared\NSSSetup\{1E86581C-2858-4094-AB8B-D005EF96D4AC}_2_0_0\NSSSetup.exe" /X Norton Security Scan-->MsiExec.exe /X{1E86581C-2858-4094-AB8B-D005EF96D4AC} Notepad++-->C:\Program Files\Notepad++\uninstall.exe NSIS Mixxx-->"C:\Program Files\Mixxx\uninstall.exe" Ohmforce Ohmboyz PRO VST v1.42-->C:\PROGRA~1\STEINB~1\VSTPLU~1\OHMFOR~1\OHMBOY~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\OHMFOR~1\OHMBOY~1\UNINST~1\INSTALL.LOG One-click Tag Editor 1.0-->"C:\Program Files\One-click Tag Editor\unins000.exe" Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall PDFCreator-->C:\Program Files\PDFCreator\unins000.exe PHM Pocket PC PowerToys-->MsiExec.exe /I{CA20D7B8-BA4F-466A-8402-579DAAB350E0} Photorécit 3 pour Windows-->MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E} Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe" Pocket WakeUp-->C:\Program Files\Microsoft ActiveSync\Pocket WakeUp\Uninstall.exe Pocket WakeUp Power4 Gear-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4462AD13-F2AA-4CBD-9F95-293C38EED870}\setup.exe" -l0x9 PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall PPC 2003 - MSN ® Messenger Update-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{CF56B6FC-F26B-4493-802B-2E5EA74DC775} ProCoder 3-->C:\Program Files\InstallShield Installation Information\{07D97136-A219-41FE-9FF9-E18C8A312A7E}\Setup.exe -runfromtemp -l0x0009 -removeonly Programme de gestion Camera de Labtec®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727} PSPad editor-->"C:\Program Files\PSPad editor\Uninst\unins000.exe" QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1036 Rapture 1.0-->"C:\Program Files\Cakewalk\Rapture\unins000.exe" RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE Resolume 2.2-->"C:\Program Files\Resolume-2-2\unins000.exe" Rhino 2.0-->"C:\Program Files\Steinberg\VstPlugins\Rhino2\unins000.exe" Rolex Oyster Day-Date Screen Saver-->C:\WINDOWS\system32\Rolex Oyster Day-Date.scr /u Sentinel Protection Installer 7.0.0-->MsiExec.exe /I{547D4265-AF45-42E9-A62A-C58182AA35B9} Shrink O'Matic-->msiexec /qb /x {5E46DFB8-DE5F-44E4-66B4-F6F9EED8DD87} Shrink-O-Matic-->MsiExec.exe /I{5E46DFB8-DE5F-44E4-66B4-F6F9EED8DD87} Sibelius Scorch (ActiveX Only)-->MsiExec.exe /I{15CCBC5D-66A7-4131-8D36-E05F27B0E68F} Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_18261043\HXFSETUP.EXE -U -Iaus1826k.inf Sorenson Squeeze 4.2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6A143FF0-BB9A-4A9C-A318-1688BA366BAE}\setup.exe" -l0x9 Spb Full Screen Keyboard-->C:\Program Files\Microsoft ActiveSync\Spb Full Screen Keyboard\Uninstall.exe Spb Full Screen Keyboard Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe" Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG Stabilize Effec-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15180EA3-F23C-11D4-807E-0050DA085BFD}\setup.exe" Steinberg Cubase SX v2.2.0.35-->C:\PROGRA~1\STEINB~1\CUBASE~2\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~2\INSTALL.LOG Steinberg Cubase SX v3.0.2.623-->C:\PROGRA~1\STEINB~1\CUBASE~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~1\INSTALL.LOG SUPER © Version 2009.bld.35 (Jan 5, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0 Super macro 3.1-->C:\Program Files\Super macro\uninst.exe SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe" Supprimer les Doublons 3.1.0.3-->"C:\program files\Sld\unins000.exe" Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall SyncroSoft Emu (Remove only)-->C:\Program Files\SyncroSoft\Pos\H2O\Uninst.exe Titan Poker-->"C:\Poker\Titan Poker\_SetupPoker[1].exe" /uninstall TMPGEnc 3.0 XPress-->MsiExec.exe /I{D48EAA77-E526-41EB-894C-BD6A17EABD95} TMPGEnc DVD Author 1.5-->MsiExec.exe /I{49062DAB-7009-4EBD-903A-830B283407C4} TomTom HOME 2.6.2.1586-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} TomTom HOME-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe -RESTOREKEY=tomtomhome Urban Terror 4.1-->"C:\Program Files\UrbanTerror\unins000.exe" Video URL Extractor-->MsiExec.exe /I{1FACEA04-5C3B-4F1E-BD5D-F77F027BD0B8} VideoLAN VLC media player 0.8.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~2\UNWISE.EXE C:\PROGRA~1\VIRTUA~2\INSTALL.LOG Vodafone Mobile Connect Lite Runtime Components-->MsiExec.exe /X{CFA76A76-03CF-43AC-AAB4-E2E3DACE4E02} Web Stream Recorder Pro-->C:\Program Files\Sytexis Software\Web Stream Recorder Pro\uninstall.exe WengoPhone latest-->C:\Program Files\WengoPhone\uninstall.exe Wibu Emu driver v1.0-->C:\PROGRA~1\WIBUKEY\H2O\UNWISE.EXE C:\PROGRA~1\WIBUKEY\H2O\INSTALL.LOG Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411} Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT Windows Live Sign-in Assistant-->MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2} Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Player 10 Hotfix - KB894476-->"C:\WINDOWS\$NtUninstallKB894476$\spuninst\spuninst.exe" WinFlash-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9 Wireless Console-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\setup.exe" -l0x9 -removeonly XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe" ======System event log====== Computer Name: LIVE Event Code: 49157 Message: INIT: BIOS TV signature not found Record Number: 61574 Source Name: ati2mtag Time Written: 20090610131633.000000+120 Event Type: Informations User: Computer Name: LIVE Event Code: 83 Message: Port A is down Record Number: 61573 Source Name: yukonwxp Time Written: 20090610131633.000000+120 Event Type: Informations User: Computer Name: LIVE Event Code: 17 Message: Le périphérique a renvoyé une ou plusieurs réponses incorrectes après une réinitialisation du clavier. Record Number: 61572 Source Name: i8042prt Time Written: 20090610131633.000000+120 Event Type: Avertissement User: Computer Name: LIVE Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 61571 Source Name: EventLog Time Written: 20090610131610.000000+120 Event Type: Informations User: Computer Name: LIVE Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free. Record Number: 61570 Source Name: EventLog Time Written: 20090610131610.000000+120 Event Type: Informations User: =====Application event log===== Computer Name: LIVE Event Code: 1041 Message: Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre pour {7B849a69-220F-451E-B3FE-2CB811AF94AE}. Record Number: 17805 Source Name: Userenv Time Written: 20090422113936.000000+120 Event Type: erreur User: AUTORITE NT\SYSTEM Computer Name: LIVE Event Code: 1041 Message: Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre pour {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}. Record Number: 17804 Source Name: Userenv Time Written: 20090422112825.000000+120 Event Type: erreur User: AUTORITE NT\SYSTEM Computer Name: LIVE Event Code: 1041 Message: Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre pour {7B849a69-220F-451E-B3FE-2CB811AF94AE}. Record Number: 17803 Source Name: Userenv Time Written: 20090422112825.000000+120 Event Type: erreur User: AUTORITE NT\SYSTEM Computer Name: LIVE Event Code: 0 Message: Record Number: 17802 Source Name: gusvc Time Written: 20090422110301.000000+120 Event Type: Informations User: Computer Name: LIVE Event Code: 0 Message: Record Number: 17801 Source Name: gusvc Time Written: 20090422110200.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Avid;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel "PROCESSOR_REVISION"=0d08 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\JavaSoft\JRE\1.3.0_02\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\JavaSoft\JRE\1.3.0_02\lib\ext\QTJava.zip -----------------EOF-----------------
×
×
  • Créer...