
Posted

DiagHelp version v1.4 - http://www.malekal.com

excute le jeu. 21/08/2008 à 12:58:30,04

 

 

Liste des derniers fichies modifies/crees dans windir\system32 et prefetch

C:\Windows\prefetch\CHCP.COM-950EAF32.pf -->21/08/2008 12:58:28

C:\Windows\prefetch\SEARCHFILTERHOST.EXE-AA7A1FDD.pf -->21/08/2008 12:58:17

C:\Windows\prefetch\WINRAR.EXE-6F42D4E7.pf -->21/08/2008 12:58:11

C:\Windows\prefetch\WMIPRVSE.EXE-43972D0F.pf -->21/08/2008 12:58:00

C:\Windows\prefetch\DLLHOST.EXE-71214090.pf -->21/08/2008 12:57:49

C:\Windows\prefetch\VERCLSID.EXE-4D95F5A7.pf -->21/08/2008 12:57:43

C:\Windows\prefetch\USNSVC.EXE-42F10D33.pf -->21/08/2008 12:56:28

C:\Windows\prefetch\AVGUPD.EXE-A930AEA7.pf -->21/08/2008 12:56:15

C:\Windows\prefetch\SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf -->21/08/2008 12:56:11

C:\Windows\prefetch\AVGCMGR.EXE-556E623C.pf -->21/08/2008 12:56:00

 

C:\Windows\System32\drivers\gmer.sys -->20/08/2008 18:41:12

C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf -->14/07/2008 20:25:28

C:\Windows\System32\drivers\hamachi.sys -->13/07/2008 21:22:10

C:\Windows\System32\drivers\PnkBstrK.sys -->11/07/2008 21:00:18

C:\Windows\System32\drivers\avgmfx86.sys -->3/07/2008 23:08:35

C:\Windows\System32\drivers\avgldx86.sys -->3/07/2008 23:08:35

C:\Windows\System32\drivers\sptd.sys -->14/05/2008 19:31:43

 

C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -->21/08/2008 12:54:59

C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -->21/08/2008 12:54:59

C:\Windows\System32\PerfStringBackup.INI -->19/08/2008 15:14:33

C:\Windows\System32\perfh00C.dat -->19/08/2008 15:14:33

C:\Windows\System32\perfh009.dat -->19/08/2008 15:14:33

C:\Windows\System32\perfc00C.dat -->19/08/2008 15:14:33

C:\Windows\System32\perfc009.dat -->19/08/2008 15:14:33

C:\Windows\System32\mrt.exe -->5/08/2008 20:11:01

C:\Windows\System32\libsyslic1.ls -->16/07/2008 12:21:12

C:\Windows\System32\libsyslic1.pd -->16/07/2008 12:21:09

C:\Windows\System32\iconv.dll -->16/07/2008 12:21:09

C:\Windows\System32\libxslt.dll -->16/07/2008 12:21:08

C:\Windows\System32\libxml2.dll -->16/07/2008 12:21:08

C:\Windows\System32\libexslt.dll -->16/07/2008 12:21:07

C:\Windows\System32\tzres.dll -->16/07/2008 3:32:44

C:\Windows\System32\FNTCACHE.DAT -->13/07/2008 0:08:10

C:\Windows\System32\PnkBstrB.exe -->11/07/2008 21:00:11

C:\Windows\System32\avgrsstx.dll -->3/07/2008 23:08:36

C:\Windows\System32\wininet.dll -->27/06/2008 6:15:28

C:\Windows\System32\urlmon.dll -->27/06/2008 6:15:28

C:\Windows\System32\mstime.dll -->27/06/2008 6:15:25

C:\Windows\System32\mshtml.dll -->27/06/2008 6:15:24

C:\Windows\System32\jsproxy.dll -->27/06/2008 6:15:24

C:\Windows\System32\ieframe.dll -->27/06/2008 6:15:23

C:\Windows\System32\mshtml.tlb -->27/06/2008 3:55:13

 

C:\Windows\QTFont.qfn -->21/08/2008 12:55:20

C:\Windows\QTFont.for -->21/08/2008 12:55:20

C:\Windows\bootstat.dat -->21/08/2008 12:54:56

C:\Windows\WindowsUpdate.log -->21/08/2008 12:53:35

C:\Windows\gmer.ini -->20/08/2008 19:08:56

C:\Windows\gmer_uninstall.cmd -->20/08/2008 18:41:12

C:\Windows\gmer.dll -->20/08/2008 18:41:12

C:\Windows\setupact.log -->19/08/2008 22:50:03

C:\Windows\PFRO.log -->19/08/2008 17:18:06

C:\Windows\DirectX.log -->7/08/2008 13:05:06

C:\Windows\LDPINST.LOG -->14/07/2008 20:35:00

C:\Windows\DPINST.LOG -->14/07/2008 19:36:19

C:\Windows\KE.log -->14/07/2008 19:23:32

C:\Windows\KB893803v2.log -->14/07/2008 19:22:59

C:\Windows\NeroDigital.ini -->13/07/2008 13:31:54

 

winlogon.exe

Verified: Signed

svchost.exe

Verified: Signed

ws2_32.dll

Verified: Signed

user32.dll

Verified: Signed

tcpip.sys

Verified: Signed

ndis.sys

Verified: Signed

null.sys

Verified: Signed

 

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

explorer.exe pid: 3016

Command line: C:\Windows\Explorer.EXE

 

Base Size Version Path

0x00360000 0x2cd000 6.00.6001.18000 C:\Windows\Explorer.EXE

0x76f80000 0x127000 6.00.6001.18000 C:\Windows\system32\ntdll.dll

0x75810000 0xdb000 6.00.6001.18000 C:\Windows\system32\kernel32.dll

0x75c00000 0xc6000 6.00.6001.18000 C:\Windows\system32\ADVAPI32.dll

0x76ba0000 0xc2000 6.00.6001.18051 C:\Windows\system32\RPCRT4.dll

0x77190000 0x4b000 6.00.6001.18023 C:\Windows\system32\GDI32.dll

0x75a00000 0x9d000 6.00.6001.18000 C:\Windows\system32\USER32.dll

0x76da0000 0xaa000 7.00.6001.18000 C:\Windows\system32\msvcrt.dll

0x76c70000 0x58000 6.00.6001.18000 C:\Windows\system32\SHLWAPI.dll

0x75ea0000 0xb0f000 6.00.6001.18062 C:\Windows\system32\SHELL32.dll

0x75d50000 0x144000 6.00.6001.18000 C:\Windows\system32\ole32.dll

0x75b70000 0x8d000 6.00.6001.18000 C:\Windows\system32\OLEAUT32.dll

0x70630000 0x107000 6.00.6001.18000 C:\Windows\system32\SHDOCVW.dll

0x73ad0000 0x3f000 6.00.6001.18000 C:\Windows\system32\UxTheme.dll

0x74a60000 0x1a000 6.00.6001.18000 C:\Windows\system32\POWRPROF.dll

0x71010000 0xc000 6.00.6001.18000 C:\Windows\system32\dwmapi.dll

0x73b40000 0x1ab000 5.02.6001.18000 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18000_none_9e752e5ac9c619f3\gdiplus.dll

0x75050000 0x3a000 6.00.6001.18000 C:\Windows\system32\slc.dll

0x74060000 0xbb000 7.00.6001.16503 C:\Windows\system32\PROPSYS.dll

0x704d0000 0x146000 6.00.6001.18000 C:\Windows\system32\BROWSEUI.dll

0x759e0000 0x1e000 6.00.6001.18000 C:\Windows\system32\IMM32.dll

0x76cd0000 0xc8000 6.00.6001.18000 C:\Windows\system32\MSCTF.dll

0x73b10000 0x30000 6.00.6001.18000 C:\Windows\system32\DUser.dll

0x75800000 0x9000 6.00.6001.18000 C:\Windows\system32\LPK.DLL

0x770b0000 0x7d000 1.626.6001.18000 C:\Windows\system32\USP10.dll

0x10000000 0x5000 8.00.0000.0134 C:\Windows\system32\avgrsstx.dll

0x746c0000 0x19e000 6.10.6001.18000 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll

0x71080000 0xb3000 6.00.6001.18000 C:\Windows\system32\WindowsCodecs.dll

0x70440000 0x6000 6.00.6000.16386 C:\Windows\system32\IconCodecService.dll

0x75690000 0x14000 6.00.6001.18000 C:\Windows\system32\Secur32.dll

0x75920000 0x84000 2001.12.6931.18000 C:\Windows\system32\CLBCatQ.DLL

0x74b30000 0x3b000 6.00.6001.18000 C:\Windows\system32\rsaenh.dll

0x70160000 0xb2000 6.00.6001.18000 C:\Windows\system32\timedate.cpl

0x74570000 0x14000 3.05.2284.0000 C:\Windows\system32\ATL.DLL

0x75460000 0x75000 6.00.6001.18000 C:\Windows\system32\NETAPI32.dll

0x75760000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL

0x73a90000 0x39000 4.02.5406.0000 C:\Windows\system32\OLEACC.dll

0x70030000 0x53000 6.00.6001.18000 C:\Windows\System32\actxprxy.dll

0x756b0000 0x1e000 6.00.6001.18000 C:\Windows\system32\USERENV.dll

0x709e0000 0x2b000 6.00.6001.18000 C:\Windows\system32\msutb.dll

0x74e20000 0xa000 6.00.6001.18000 C:\Windows\system32\WTSAPI32.dll

0x74bf0000 0xd7000 6.00.6000.16386 C:\Windows\system32\WINBRAND.dll

0x71250000 0x16000 6.00.6001.18000 C:\Windows\System32\shacct.dll

0x75220000 0x11000 6.00.6001.18000 C:\Windows\System32\SAMLIB.dll

0x75630000 0x2c000 6.00.6001.18000 C:\Windows\system32\apphelp.dll

0x6fff0000 0x3c000 7.00.6001.16503 C:\Windows\System32\msshsq.dll

0x6fe50000 0xc6000 6.00.6001.18098 C:\Windows\System32\NaturalLanguage6.dll

0x75090000 0xf1000 6.00.6001.18000 C:\Windows\System32\CRYPT32.dll

0x75200000 0x12000 6.00.6000.16386 C:\Windows\System32\MSASN1.dll

0x6f930000 0x28c000 6.00.6001.18000 C:\Windows\System32\NLSData000c.dll

0x6ed30000 0x5f4000 6.00.6000.16386 C:\Windows\System32\NLSLexicons000c.dll

0x71430000 0x1e8000 6.00.6001.18000 C:\Windows\system32\authui.dll

0x717c0000 0x5000 6.00.6000.16386 C:\Windows\system32\MSIMG32.dll

0x70290000 0x9000 6.00.6000.16386 C:\Windows\system32\LINKINFO.dll

0x76e50000 0x129000 7.00.6001.18099 C:\Windows\system32\urlmon.dll

0x769b0000 0x45000 7.00.6001.18000 C:\Windows\system32\iertutil.dll

0x74a80000 0x21000 6.00.6001.18000 C:\Windows\system32\NTMARTA.DLL

0x77130000 0x4a000 6.00.6001.18000 C:\Windows\system32\WLDAP32.dll

0x759b0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll

0x77180000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll

0x6f360000 0x5ce000 7.00.6001.18099 C:\Windows\system32\ieframe.dll

0x712b0000 0x32000 6.00.6001.18000 C:\Windows\system32\WINMM.dll

0x71220000 0x2f000 6.00.6001.18000 C:\Windows\system32\wdmaud.drv

0x712a0000 0x4000 6.00.6000.16386 C:\Windows\system32\ksuser.dll

0x74640000 0x27000 6.00.6001.18000 C:\Windows\system32\MMDevAPI.DLL

0x74a40000 0x7000 6.00.6001.18000 C:\Windows\system32\AVRT.dll

0x76a00000 0x18a000 6.00.6001.18000 C:\Windows\system32\SETUPAPI.dll

0x748b0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WINTRUST.dll

0x758f0000 0x29000 6.00.6001.18000 C:\Windows\system32\imagehlp.dll

0x711f0000 0x21000 6.00.6001.18000 C:\Windows\system32\AUDIOSES.DLL

0x71180000 0x66000 6.00.6001.18000 C:\Windows\system32\audioeng.dll

0x6fd00000 0x4a000 6.00.6001.18000 C:\Windows\system32\ntshrui.dll

0x71d20000 0xb000 6.00.6001.18000 C:\Windows\system32\cscapi.dll

0x700e0000 0x7000 4.00.6000.16386 C:\Windows\system32\msiltcfg.dll

0x74a50000 0x8000 6.00.6001.18000 C:\Windows\system32\VERSION.dll

0x70790000 0x202000 4.00.6001.18000 C:\Windows\system32\msi.dll

0x700d0000 0x9000 6.00.6001.18000 C:\Windows\system32\ExplorerFrame.dll

0x75aa0000 0xd0000 7.00.6001.18099 C:\Windows\system32\WININET.dll

0x76b90000 0x3000 6.00.6000.16386 C:\Windows\system32\Normaliz.dll

0x71290000 0x9000 6.00.6001.18000 C:\Windows\system32\msacm32.drv

0x71160000 0x14000 6.00.6001.18000 C:\Windows\system32\MSACM32.dll

0x71020000 0x7000 6.00.6001.18000 C:\Windows\system32\midimap.dll

0x6f330000 0x30000 6.00.6001.18000 C:\Windows\system32\MLANG.dll

0x6dc10000 0x92000 6.00.6001.18000 C:\Windows\system32\stobject.dll

0x6db50000 0xb6000 6.00.6000.16386 C:\Windows\system32\BatMeter.dll

0x74ae0000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll

0x74120000 0x47000 2001.12.6931.18057 C:\Windows\system32\es.dll

0x6dde0000 0x30000 6.00.6000.16386 C:\Windows\System32\SndVolSSO.dll

0x6dd20000 0x21000 6.00.6000.16386 C:\Windows\ehome\ehSSO.dll

0x74460000 0x9000 6.00.6000.16386 C:\Windows\system32\HID.DLL

0x74990000 0x66000 6.00.6001.18000 C:\Windows\system32\FirewallAPI.dll

0x6d530000 0x30b000 6.00.6001.18000 C:\Windows\System32\netshell.dll

0x74ff0000 0x19000 6.00.6001.18000 C:\Windows\System32\IPHLPAPI.DLL

0x74fb0000 0x35000 6.00.6001.18000 C:\Windows\System32\dhcpcsvc.DLL

0x75250000 0x2c000 6.00.6001.18000 C:\Windows\System32\DNSAPI.dll

0x74fa0000 0x7000 6.00.6001.18000 C:\Windows\System32\WINNSI.DLL

0x74f70000 0x21000 6.00.6001.18000 C:\Windows\System32\dhcpcsvc6.DLL

0x74970000 0xf000 6.00.6001.18000 C:\Windows\System32\nlaapi.dll

0x6d990000 0x1bf000 6.00.6001.18000 C:\Windows\system32\pnidui.dll

0x6e340000 0x17000 6.00.6001.18000 C:\Windows\system32\QUtil.dll

0x75010000 0x40000 6.00.6001.18000 C:\Windows\system32\wevtapi.dll

0x73a50000 0x6000 6.00.6000.16386 C:\Windows\system32\wlanutil.dll

0x72cb0000 0x27000 6.00.6001.18000 C:\Windows\system32\FunDisc.dll

0x6e230000 0x9000 6.00.6000.16386 C:\Windows\system32\fdproxy.dll

0x72a50000 0x126000 8.100.1043.0000 C:\Windows\System32\msxml3.dll

0x72510000 0x8000 6.00.6000.16386 C:\Windows\System32\npmproxy.dll

0x6d850000 0x12000 6.00.6001.18000 C:\Windows\system32\Wlanapi.dll

0x73cf0000 0x17c000 6.00.6001.18000 C:\Windows\system32\OneX.DLL

0x74050000 0xe000 6.00.6001.18000 C:\Windows\system32\eappprxy.dll

0x73f60000 0x24000 6.00.6001.18000 C:\Windows\system32\eappcfg.dll

0x74ed0000 0x45000 6.00.6001.18000 C:\Windows\system32\bcrypt.dll

0x700b0000 0xd000 6.00.6000.16386 C:\Windows\System32\AltTab.dll

0x6d480000 0x23000 6.00.6001.18000 C:\Windows\system32\wpdshserviceobj.dll

0x73980000 0x5f000 6.00.6001.18000 C:\Windows\system32\WINHTTP.dll

0x6d3e0000 0x4d000 7.00.6001.16503 C:\Windows\System32\srchadmin.dll

0x6d440000 0x3c000 7.00.6001.18000 C:\Windows\system32\webcheck.dll

0x6cfa0000 0x21c000 6.00.6001.18000 C:\Windows\System32\SyncCenter.dll

0x6d4f0000 0x39000 6.00.6001.18000 C:\Windows\system32\wscntfy.dll

0x71d70000 0xb000 6.00.6001.18000 C:\Windows\system32\WSCAPI.dll

0x717d0000 0xb000 7.00.6001.16503 C:\Windows\system32\mssprxy.dll

0x6cee0000 0x51000 6.00.6001.18000 C:\Windows\system32\imapi2.dll

0x6e2a0000 0x2e000 6.00.6001.18000 C:\Windows\System32\QAgent.dll

0x735e0000 0x96000 6.00.6001.18000 C:\Windows\System32\fwpuclnt.dll

0x755d0000 0x5f000 6.00.6001.18000 C:\Windows\system32\SXS.DLL

0x72500000 0xb000 6.00.6001.18000 C:\Windows\system32\wbem\wbemprox.dll

0x72450000 0x5b000 6.00.6001.18000 C:\Windows\system32\wbemcomn.dll

0x72280000 0x10000 6.00.6001.18000 C:\Windows\system32\wbem\wbemsvc.dll

0x71dd0000 0x99000 6.00.6001.18000 C:\Windows\system32\wbem\fastprox.dll

0x751e0000 0x18000 6.00.6001.18000 C:\Windows\system32\NTDSAPI.dll

0x6d300000 0x2b000 6.00.6001.18000 C:\Windows\system32\PortableDeviceTypes.dll

0x72220000 0x46000 6.00.6001.18000 C:\Windows\system32\PortableDeviceApi.dll

0x6bc90000 0xf9000 6.00.6001.18000 C:\Windows\system32\bthprops.cpl

0x74620000 0x15000 6.00.6001.18000 C:\Windows\system32\Cabinet.dll

0x75190000 0x14000 6.00.6001.18000 C:\Windows\system32\MPR.dll

0x6e1a0000 0x13000 6.00.6001.18000 C:\Windows\System32\ntlanman.dll

0x6e320000 0x8000 6.00.6000.16386 C:\Windows\System32\drprov.dll

0x6e310000 0xf000 6.00.6000.16386 C:\Windows\System32\davclnt.dll

0x69340000 0x57000 6.00.6001.18000 C:\Windows\system32\zipfldr.dll

0x03ec0000 0x2e000 C:\Program Files\WinRAR\rarext.dll

0x69630000 0x60000 6.00.6001.18000 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll

0x72d10000 0x2f000 1.02.1009.0000 C:\Windows\system32\xmllite.dll

0x6ae60000 0x16000 6.00.6001.18000 C:\Windows\system32\thumbcache.dll

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

winlogon.exe pid: 744

Command line: winlogon.exe

 

Base Size Version Path

0x001d0000 0x50000 6.00.6001.18000 C:\Windows\system32\winlogon.exe

0x76f80000 0x127000 6.00.6001.18000 C:\Windows\system32\ntdll.dll

0x75810000 0xdb000 6.00.6001.18000 C:\Windows\system32\kernel32.dll

0x75c00000 0xc6000 6.00.6001.18000 C:\Windows\system32\ADVAPI32.dll

0x76ba0000 0xc2000 6.00.6001.18051 C:\Windows\system32\RPCRT4.dll

0x75a00000 0x9d000 6.00.6001.18000 C:\Windows\system32\USER32.dll

0x77190000 0x4b000 6.00.6001.18023 C:\Windows\system32\GDI32.dll

0x76da0000 0xaa000 7.00.6001.18000 C:\Windows\system32\msvcrt.dll

0x75690000 0x14000 6.00.6001.18000 C:\Windows\system32\Secur32.dll

0x74ae0000 0x25000 6.00.6001.18000 C:\Windows\system32\WINSTA.dll

0x75760000 0x7000 6.00.6000.16386 C:\Windows\system32\PSAPI.DLL

0x756b0000 0x1e000 6.00.6001.18000 C:\Windows\system32\USERENV.dll

0x759e0000 0x1e000 6.00.6001.18000 C:\Windows\system32\IMM32.DLL

0x76cd0000 0xc8000 6.00.6001.18000 C:\Windows\system32\MSCTF.dll

0x75800000 0x9000 6.00.6001.18000 C:\Windows\system32\LPK.DLL

0x770b0000 0x7d000 1.626.6001.18000 C:\Windows\system32\USP10.dll

0x10000000 0x5000 8.00.0000.0134 C:\Windows\system32\avgrsstx.dll

0x75630000 0x2c000 6.00.6001.18000 C:\Windows\system32\apphelp.dll

0x74a80000 0x21000 6.00.6001.18000 C:\Windows\system32\NTMARTA.DLL

0x77130000 0x4a000 6.00.6001.18000 C:\Windows\system32\WLDAP32.dll

0x759b0000 0x2d000 6.00.6001.18000 C:\Windows\system32\WS2_32.dll

0x77180000 0x6000 6.00.6001.18000 C:\Windows\system32\NSI.dll

0x75220000 0x11000 6.00.6001.18000 C:\Windows\system32\SAMLIB.dll

0x75d50000 0x144000 6.00.6001.18000 C:\Windows\system32\ole32.dll

0x741c0000 0x3e000 6.00.6001.18000 C:\Windows\system32\SHSVCS.dll

0x73ad0000 0x3f000 6.00.6001.18000 C:\Windows\system32\uxtheme.dll

0x74b30000 0x3b000 6.00.6001.18000 C:\Windows\system32\rsaenh.dll

0x71080000 0xb3000 6.00.6001.18000 C:\Windows\system32\WindowsCodecs.dll

0x75460000 0x75000 6.00.6001.18000 C:\Windows\system32\NETAPI32.dll

0x75050000 0x3a000 6.00.6001.18000 C:\Windows\system32\slc.dll

0x75190000 0x14000 6.00.6001.18000 C:\Windows\system32\MPR.dll

 

 

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 1411-2FA7

 

Répertoire de C:\Windows\system32

 

21/01/2008 04:24 6.144 csrss.exe

1 fichier(s) 6.144 octets

0 Rép(s) 136.446.205.952 octets libres

 

Contenu de Downloaded Program Files

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 1411-2FA7

 

Répertoire de C:\Windows\Downloaded Program Files

 

19/08/2008 21:45 <REP> .

19/08/2008 21:45 <REP> ..

08/05/2008 20:50 <REP> CONFLICT.1

18/09/2006 23:26 65 desktop.ini

25/07/2002 18:13 24.576 dwusplay.dll

25/07/2002 18:13 196.608 dwusplay.exe

24/03/2008 19:33 1.527.056 FP_AX_CAB_INSTALLER.exe

28/09/2007 04:41 381.960 GAME_UNO1.dll

17/01/2007 15:44 316 GAME_UNO1.INF

07/05/2008 19:35 5.981.728 gopets.ocx

28/06/2007 14:18 907 GoPetsWeb.inf

29/06/2007 22:34 448.024 GoPetsWeb.ocx

20/03/2006 17:34 484.272 isusweb.dll

13/08/2008 15:03 575 kavwebscan.inf

22/02/2007 23:41 304.544 MessengerStatsPAClient.dll

28/02/2007 14:21 130.472 MineSweeper.dll

28/02/2007 14:21 131.472 msgrchkr.dll

24/03/2008 19:18 247 swflash.inf

15 fichier(s) 9.612.822 octets

 

Répertoire de C:\Windows\Downloaded Program Files\CONFLICT.1

 

08/05/2008 20:50 <REP> .

08/05/2008 20:50 <REP> ..

07/05/2008 19:35 5.981.728 gopets.ocx

1 fichier(s) 5.981.728 octets

 

Total des fichiers listés :

16 fichier(s) 15.594.550 octets

5 Rép(s) 136.446.205.952 octets libres

 

Recherche de rootkit! (Merci S!Ri)

 

Recherche d'infections connues

 

Export des clefs sensibles..

 

 

Liste des fichiers en exception sur le pare-feu XP SP2

 

"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"

 

Export de la clef SharedTaskScheduler

 

[sharedTaskScheduler]

 

 

 

exports des policies

REGEDIT4

 

[system]

"ConsentPromptBehaviorAdmin"=dword:00000002

"ConsentPromptBehaviorUser"=dword:00000001

"EnableInstallerDetection"=dword:00000001

"EnableLUA"=dword:00000000

"EnableSecureUIAPaths"=dword:00000001

"EnableVirtualization"=dword:00000001

"PromptOnSecureDesktop"=dword:00000001

"ValidateAdminCodeSignatures"=dword:00000000

"dontdisplaylastusername"=dword:00000000

"legalnoticecaption"=""

"legalnoticetext"=""

"scforceoption"=dword:00000000

"shutdownwithoutlogon"=dword:00000001

"undockwithoutlogon"=dword:00000001

"FilterAdministratorToken"=dword:00000000

"EnableUIADesktopToggle"=dword:00000000

 

[system\UIPI]

 

[system\UIPI\Clipboard]

 

[system\UIPI\Clipboard\ExceptionFormats]

"CF_TEXT"=dword:00000001

"CF_BITMAP"=dword:00000002

"CF_OEMTEXT"=dword:00000007

"CF_DIB"=dword:00000008

"CF_PALETTE"=dword:00000009

"CF_UNICODETEXT"=dword:0000000d

"CF_DIBV5"=dword:00000011

 

 

 

Export des clefs sensibles..

Rechercher adresses sensibles dans le fichier HOSTS...

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-08-21 12:58:48

Windows 6.0.6001 Service Pack 1 NTFS

 

scanning hidden services & system hive ...

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]

"s1"=dword:2df9c43f

"s2"=dword:110480d0

"h0"=dword:00000001

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000000

"khjeh"=hex:94,dc,34,84,52,0d,13,f4,03,3e,8f,df,55,64,32,17,64,27,40,8e,33,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000000

"khjeh"=hex:94,dc,34,84,52,0d,13,f4,03,3e,8f,df,55,64,32,17,64,27,40,8e,33,..

 

scanning hidden registry entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden services: 0

hidden files: 0

 

 

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

 

Sorry, this version supports only Win2K/XP

 

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

 

Sorry, this version supports only Win2K/XP

 

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 1411-2FA7

 

Répertoire de C:\Program Files

 

19/08/2008 21:31 <REP> .

19/08/2008 21:31 <REP> ..

19/08/2008 16:55 <REP> Adobe

12/07/2008 14:11 <REP> Allok MOV Converter

05/05/2008 12:20 <REP> Analog Devices

11/05/2008 14:44 <REP> Apple Software Update

05/05/2008 12:28 <REP> ASUS

06/05/2008 16:43 <REP> AVG

25/05/2008 16:35 <REP> AviSynth 2.5

07/08/2008 13:02 <REP> Bethesda Softworks

10/05/2008 12:06 <REP> Bonjour

19/08/2008 17:00 <REP> Common Files

05/05/2008 12:21 <REP> Creative

05/05/2008 12:45 <REP> DIFX

10/05/2008 12:42 <REP> directx

08/05/2008 18:10 <REP> D-Link

16/05/2008 19:06 <REP> DNA

04/08/2008 11:40 <REP> Electronic Arts

07/05/2008 18:42 <REP> Google

05/05/2008 12:12 <REP> Intel

11/05/2008 10:58 <REP> Internet Explorer

10/05/2008 12:07 <REP> iPod

10/05/2008 12:07 <REP> iTunes

06/05/2008 22:43 <REP> Java

21/06/2008 13:59 <REP> LimeWire

17/05/2008 14:06 <REP> Linksys Wireless-G PCI Network Adapter with SpeedBooster

19/08/2008 22:49 <REP> Logitech

05/05/2008 12:27 <REP> Marvell

06/05/2008 17:10 <REP> Messenger Plus! Live

13/07/2008 13:30 <REP> Micro Application

02/11/2006 14:37 <REP> Microsoft Games

05/05/2008 12:58 <REP> Microsoft Office

05/05/2008 12:58 <REP> Microsoft Visual Studio

05/05/2008 12:58 <REP> Microsoft Works

05/05/2008 12:58 <REP> Microsoft.NET

21/01/2008 04:35 <REP> Movie Maker

21/08/2008 12:55 <REP> Mozilla Firefox

02/11/2006 14:37 <REP> MSBuild

05/05/2008 12:53 <REP> Nero

28/05/2008 19:03 <REP> PhotoFiltre Studio

05/05/2008 12:45 <REP> Pinnacle

25/05/2008 16:35 <REP> pspvideo9

10/05/2008 12:05 <REP> QuickTime

02/11/2006 14:37 <REP> Reference Assemblies

16/05/2008 18:45 <REP> Skype

19/08/2008 17:20 <REP> Steam

06/05/2008 22:44 <REP> SystemRequirementsLab

12/07/2008 00:21 <REP> Total Video Converter

08/05/2008 19:25 <REP> Trend Micro

10/07/2008 13:59 <REP> VideoLAN

21/01/2008 04:35 <REP> Windows Calendar

21/01/2008 04:35 <REP> Windows Collaboration

21/01/2008 04:35 <REP> Windows Defender

21/01/2008 04:35 <REP> Windows Journal

05/05/2008 19:49 <REP> Windows Live

15/08/2008 14:27 <REP> Windows Mail

21/01/2008 04:35 <REP> Windows Media Player

05/05/2008 11:59 <REP> Windows NT

21/01/2008 04:35 <REP> Windows Photo Gallery

21/01/2008 04:35 <REP> Windows Sidebar

06/05/2008 17:11 <REP> WinRAR

0 fichier(s) 0 octets

61 Rép(s) 136.429.785.088 octets libres

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 1411-2FA7

 

Répertoire de C:\Program Files\fichiers communs

 

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 1411-2FA7

 

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

 

05/05/2008 12:58 <REP> .

05/05/2008 12:58 <REP> ..

05/05/2008 12:56 <REP> 1036

26/10/2006 20:12 40.256 MSOSV.DLL

1 fichier(s) 40.256 octets

3 Rép(s) 136.429.785.088 octets libres

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 1411-2FA7

 

Répertoire de C:\Program Files\common files

 

19/08/2008 17:00 <REP> .

19/08/2008 17:00 <REP> ..

19/08/2008 17:00 <REP> Adobe

05/05/2008 12:54 <REP> Ahead

10/05/2008 12:02 <REP> Apple

05/05/2008 12:58 <REP> DESIGNER

15/05/2008 20:27 <REP> FotoWire

05/05/2008 12:43 <REP> InstallShield

06/05/2008 22:41 <REP> Java

05/05/2008 12:54 <REP> LightScribe

14/07/2008 20:34 <REP> LogiShrd

06/05/2008 16:42 <REP> microsoft shared

02/11/2006 13:18 <REP> Services

16/05/2008 18:45 <REP> Skype

02/11/2006 13:18 <REP> SpeechEngines

05/08/2008 12:14 <REP> Steam

05/05/2008 12:56 <REP> System

0 fichier(s) 0 octets

17 Rép(s) 136.429.785.088 octets libres

 

 

 

 

 

****** Fin du rapport DiagHelp

Veuillez svp envoyer le fichier C:\upload_moi_PC-DE-JULIAN.tar.gz a l'adresse http://upload.malekal.com

Posted

Clean. You can remove DiagHelp and re-enable your UAC.

Your problem isn't viral.

Run HijackThis again.

  • Click Open the misc tools sections
  • Click Open uninstall Manager
  • Click Save list
  • Save the file > A Notepad window will open; copy and paste its contents here.

That will let me see the installed programs.

Posted

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office Suite Service Pack 1 (SP1)

2007 Microsoft Office system

Adobe Color Common Settings

Adobe Color Common Settings

Adobe ExtendScript Toolkit 2

Adobe ExtendScript Toolkit 2

Adobe Flash Player ActiveX

Adobe Flash Player Plugin

Adobe Setup

Adobe Setup

Adobe Shockwave Player 11

AI Suite

Allok MOV Converter 3.4.0423

Apple Mobile Device Support

Apple Software Update

Archiveur WinRAR

AVG Free 8.0

AviSynth 2.5

Bonjour (I THINK IT SHOULD BE REMOVED)

Command & Conquer 3

Composants Internet Partagés de Westwood

Counter-Strike: Source

er100LT

Half-Life 2: Lost Coast

HijackThis 2.0.2

Host OpenAL (ADI)

iTunes

Java 6 Update 5

Java 6 Update 7

LimeWire PRO 4.18.3

Linksys Wireless-G PCI Network Adapter with SpeedBooster

Logitech GamePanel Software 2.02

Logitech Print Service

Logitech SetPoint 5.00

Marvell Miniport Driver

Messenger Plus! Live

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Hotfix (KB929729)

Microsoft Office Access MUI (French) 2007

Microsoft Office Excel MUI (French) 2007

Microsoft Office Home and Student 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (French) 2007

Microsoft Office Outlook MUI (French) 2007

Microsoft Office PowerPoint MUI (French) 2007

Microsoft Office Professional Hybrid 2007

Microsoft Office Proof (Arabic) 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (French) 2007

Microsoft Office Publisher MUI (French) 2007

Microsoft Office Shared MUI (French) 2007

Microsoft Office Word MUI (French) 2007

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable

Mozilla Firefox (3.0.1)

Nero 7 Essentials

NVIDIA Drivers

OpenOffice.org Installer 1.0

Package de pilotes Windows - Philips Pinnacle Systems PCTV 3010ix, 7010ix (10/27/2006 1.0.3.3)

Package de pilotes Windows - Pinnacle Systems PCTV 100e/320e Audio (01/29/2007 5.7.0129.0)

Package de pilotes Windows - Pinnacle Systems PCTV 100i,110i,300i,310i, MCE (11/22/2006 1.3.3.5)

Package de pilotes Windows - Pinnacle Systems PCTV 320cx (02/26/2007 3.0.3.3)

Package de pilotes Windows - Pinnacle Systems PCTV 320cx Infrared receiver (11/03/2006 2.0.1)

Package de pilotes Windows - Pinnacle Systems PCTV 70e/100e/160e/170e/320e/330e/800e (01/29/2007 5.7.0129.0)

Package de pilotes Windows - Pinnacle Systems PCTV 71e (09/28/2006 6.9.28.4)

Package de pilotes Windows - Pinnacle Systems Pinnacle Systems PCTV 310c (06/02/2006 3.0.1.1)

Package de pilotes Windows - Pinnacle Systems Pinnacle Systems PCTV 310c (06/02/2006 3.0.1.1)

PhotoFiltre Studio

Pinnacle PCTV MCE

PSP Video 9 1.74

QuickTime

Security Update for 2007 Microsoft Office System (KB951596)

Security Update for 2007 Microsoft Office System (KB951596)

Security Update for Microsoft Office Excel 2007 (KB951546)

Security Update for Microsoft Office Excel 2007 (KB951546)

Security Update for Microsoft Office PowerPoint 2007 (KB951338)

Security Update for Microsoft Office PowerPoint 2007 (KB951338)

Security Update for Microsoft Office Publisher 2007 (KB950114)

Security Update for Microsoft Office system 2007 (KB951808)

Security Update for Microsoft Office system 2007 (KB951808)

Security Update for Microsoft Office Word 2007 (KB950113)

Security Update for Microsoft Office Word 2007 (KB950113)

Skype 3.8

SoundMAX

Source Dedicated Server

Steam

System Requirements Lab

TrackMania Nations Forever

Update for Microsoft Office Outlook 2007 (KB952142)

Update for Office 2007 (KB946691)

Update for Office 2007 (KB946691)

Update for Outlook 2007 Junk Email Filter (kb955433)

Video Converter 3

VideoLAN VLC media player 0.8.6h

WebCam for MSN Messenger

Windows Live installer

Windows Live Messenger

Windows Media Player Firefox Plugin

 

All of this software is legal apart from Allok MOV Converter, where a key was used :P

Posted

I'm looking for infectious software; for disinfection I don't care whether it's legal, unless a crack infects you.

I hope you didn't tamper with the list; in any case it's clean. Bonjour doesn't do that. Uninstall it if it's getting on your nerves.

Delete the special tools that were used. Post a request in the software section; your problem is not an infection.

And don't post just anything in other people's disinfection threads...


null.sys

Verified: Signed

 

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

explorer.exe pid: 3016

Command line: C:\Windows\Explorer.EXE

 


 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

winlogon.exe pid: 744

Command line: winlogon.exe

 


 

 

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 1411-2FA7

 

Répertoire de C:\Windows\system32

 

21/01/2008 04:24 6.144 csrss.exe

1 fichier(s) 6.144 octets

0 Rép(s) 136.446.205.952 octets libres

 

Contenu de Downloaded Program Files

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 1411-2FA7

 

Répertoire de C:\Windows\Downloaded Program Files

 

19/08/2008 21:45 <REP> .

19/08/2008 21:45 <REP> ..

08/05/2008 20:50 <REP> CONFLICT.1

18/09/2006 23:26 65 desktop.ini

25/07/2002 18:13 24.576 dwusplay.dll

25/07/2002 18:13 196.608 dwusplay.exe

24/03/2008 19:33 1.527.056 FP_AX_CAB_INSTALLER.exe

28/09/2007 04:41 381.960 GAME_UNO1.dll

17/01/2007 15:44 316 GAME_UNO1.INF

07/05/2008 19:35 5.981.728 gopets.ocx

28/06/2007 14:18 907 GoPetsWeb.inf

29/06/2007 22:34 448.024 GoPetsWeb.ocx

20/03/2006 17:34 484.272 isusweb.dll

13/08/2008 15:03 575 kavwebscan.inf

22/02/2007 23:41 304.544 MessengerStatsPAClient.dll

28/02/2007 14:21 130.472 MineSweeper.dll

28/02/2007 14:21 131.472 msgrchkr.dll

24/03/2008 19:18 247 swflash.inf

15 fichier(s) 9.612.822 octets

 

Répertoire de C:\Windows\Downloaded Program Files\CONFLICT.1

 

08/05/2008 20:50 <REP> .

08/05/2008 20:50 <REP> ..

07/05/2008 19:35 5.981.728 gopets.ocx

1 fichier(s) 5.981.728 octets

 

Total des fichiers listés :

16 fichier(s) 15.594.550 octets

5 Rép(s) 136.446.205.952 octets libres

 

Recherche de rootkit! (Merci S!Ri)

 

Recherche d'infections connues

 

Export des clefs sensibles..

 

 

Liste des fichiers en exception sur le pare-feu XP SP2

 

"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"

 

Export de la clef SharedTaskScheduler

 

[sharedTaskScheduler]

 

 

 

exports des policies

REGEDIT4

 

[system]

"ConsentPromptBehaviorAdmin"=dword:00000002

"ConsentPromptBehaviorUser"=dword:00000001

"EnableInstallerDetection"=dword:00000001

"EnableLUA"=dword:00000000

"EnableSecureUIAPaths"=dword:00000001

"EnableVirtualization"=dword:00000001

"PromptOnSecureDesktop"=dword:00000001

"ValidateAdminCodeSignatures"=dword:00000000

"dontdisplaylastusername"=dword:00000000

"legalnoticecaption"=""

"legalnoticetext"=""

"scforceoption"=dword:00000000

"shutdownwithoutlogon"=dword:00000001

"undockwithoutlogon"=dword:00000001

"FilterAdministratorToken"=dword:00000000

"EnableUIADesktopToggle"=dword:00000000

 

[system\UIPI]

 

[system\UIPI\Clipboard]

 

[system\UIPI\Clipboard\ExceptionFormats]

"CF_TEXT"=dword:00000001

"CF_BITMAP"=dword:00000002

"CF_OEMTEXT"=dword:00000007

"CF_DIB"=dword:00000008

"CF_PALETTE"=dword:00000009

"CF_UNICODETEXT"=dword:0000000d

"CF_DIBV5"=dword:00000011

 

 

 

Export des clefs sensibles..

Rechercher adresses sensibles dans le fichier HOSTS...

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-08-21 12:58:48

Windows 6.0.6001 Service Pack 1 NTFS

 

scanning hidden services & system hive ...

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]

"s1"=dword:2df9c43f

"s2"=dword:110480d0

"h0"=dword:00000001

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000000

"khjeh"=hex:94,dc,34,84,52,0d,13,f4,03,3e,8f,df,55,64,32,17,64,27,40,8e,33,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]

"h0"=dword:00000000

"khjeh"=hex:94,dc,34,84,52,0d,13,f4,03,3e,8f,df,55,64,32,17,64,27,40,8e,33,..

 

scanning hidden registry entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden services: 0

hidden files: 0

 

 

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

 

Sorry, this version supports only Win2K/XP

 

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

 

Sorry, this version supports only Win2K/XP

 

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 1411-2FA7

 

Répertoire de C:\Program Files

 

19/08/2008 21:31 <REP> .

19/08/2008 21:31 <REP> ..

19/08/2008 16:55 <REP> Adobe

12/07/2008 14:11 <REP> Allok MOV Converter

05/05/2008 12:20 <REP> Analog Devices

11/05/2008 14:44 <REP> Apple Software Update

05/05/2008 12:28 <REP> ASUS

06/05/2008 16:43 <REP> AVG

25/05/2008 16:35 <REP> AviSynth 2.5

07/08/2008 13:02 <REP> Bethesda Softworks

10/05/2008 12:06 <REP> Bonjour

19/08/2008 17:00 <REP> Common Files

05/05/2008 12:21 <REP> Creative

05/05/2008 12:45 <REP> DIFX

10/05/2008 12:42 <REP> directx

08/05/2008 18:10 <REP> D-Link

16/05/2008 19:06 <REP> DNA

04/08/2008 11:40 <REP> Electronic Arts

07/05/2008 18:42 <REP> Google

05/05/2008 12:12 <REP> Intel

11/05/2008 10:58 <REP> Internet Explorer

10/05/2008 12:07 <REP> iPod

10/05/2008 12:07 <REP> iTunes

06/05/2008 22:43 <REP> Java

21/06/2008 13:59 <REP> LimeWire

17/05/2008 14:06 <REP> Linksys Wireless-G PCI Network Adapter with SpeedBooster

19/08/2008 22:49 <REP> Logitech

05/05/2008 12:27 <REP> Marvell

06/05/2008 17:10 <REP> Messenger Plus! Live

13/07/2008 13:30 <REP> Micro Application

02/11/2006 14:37 <REP> Microsoft Games

05/05/2008 12:58 <REP> Microsoft Office

05/05/2008 12:58 <REP> Microsoft Visual Studio

05/05/2008 12:58 <REP> Microsoft Works

05/05/2008 12:58 <REP> Microsoft.NET

21/01/2008 04:35 <REP> Movie Maker

21/08/2008 12:55 <REP> Mozilla Firefox

02/11/2006 14:37 <REP> MSBuild

05/05/2008 12:53 <REP> Nero

28/05/2008 19:03 <REP> PhotoFiltre Studio

05/05/2008 12:45 <REP> Pinnacle

25/05/2008 16:35 <REP> pspvideo9

10/05/2008 12:05 <REP> QuickTime

02/11/2006 14:37 <REP> Reference Assemblies

16/05/2008 18:45 <REP> Skype

19/08/2008 17:20 <REP> Steam

06/05/2008 22:44 <REP> SystemRequirementsLab

12/07/2008 00:21 <REP> Total Video Converter

08/05/2008 19:25 <REP> Trend Micro

10/07/2008 13:59 <REP> VideoLAN

21/01/2008 04:35 <REP> Windows Calendar

21/01/2008 04:35 <REP> Windows Collaboration

21/01/2008 04:35 <REP> Windows Defender

21/01/2008 04:35 <REP> Windows Journal

05/05/2008 19:49 <REP> Windows Live

15/08/2008 14:27 <REP> Windows Mail

21/01/2008 04:35 <REP> Windows Media Player

05/05/2008 11:59 <REP> Windows NT

21/01/2008 04:35 <REP> Windows Photo Gallery

21/01/2008 04:35 <REP> Windows Sidebar

06/05/2008 17:11 <REP> WinRAR

0 fichier(s) 0 octets

61 Rép(s) 136.429.785.088 octets libres

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 1411-2FA7

 

Répertoire de C:\Program Files\fichiers communs

 

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 1411-2FA7

 

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

 

05/05/2008 12:58 <REP> .

05/05/2008 12:58 <REP> ..

05/05/2008 12:56 <REP> 1036

26/10/2006 20:12 40.256 MSOSV.DLL

1 fichier(s) 40.256 octets

3 Rép(s) 136.429.785.088 octets libres

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est 1411-2FA7

 

Répertoire de C:\Program Files\common files

 

19/08/2008 17:00 <REP> .

19/08/2008 17:00 <REP> ..

19/08/2008 17:00 <REP> Adobe

05/05/2008 12:54 <REP> Ahead

10/05/2008 12:02 <REP> Apple

05/05/2008 12:58 <REP> DESIGNER

15/05/2008 20:27 <REP> FotoWire

05/05/2008 12:43 <REP> InstallShield

06/05/2008 22:41 <REP> Java

05/05/2008 12:54 <REP> LightScribe

14/07/2008 20:34 <REP> LogiShrd

06/05/2008 16:42 <REP> microsoft shared

02/11/2006 13:18 <REP> Services

16/05/2008 18:45 <REP> Skype

02/11/2006 13:18 <REP> SpeechEngines

05/08/2008 12:14 <REP> Steam

05/05/2008 12:56 <REP> System

0 fichier(s) 0 octets

17 Rép(s) 136.429.785.088 octets libres

 

 

 

 

 

****** Fin du rapport DiagHelp

Veuillez svp envoyer le fichier C:\upload_moi_PC-DE-JULIAN.tar.gz a l'adresse http://upload.malekal.com

Posted

It isn't necessarily an infection, and there is no trace of it in DiagHelp.

And how did you pick that up, by installing what? (maybe a false positive)

Download random's system information tool (RSIT) by random/random and save it to the Desktop.

  • Double-click RSIT.exe to launch RSIT.
  • Click Continue at the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (<<which will be displayed)
    as well as info.txt (<<which will be minimized to the Taskbar).
  • Note: the reports are saved in the C:\rsit folder

Posted (edited)

Logfile of random's system information tool (written by random/random)

Run by XXX XXX at 2008-09-03 18:25:28

Microsoft® Windows Vista Édition Familiale Premium Service Pack 1

System drive C: has 128 GB (55%) free of 235 GB

Total RAM: 2046 MB (44% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:25:48, on 3/09/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\ASUS\AASP\1.00.40\aaCenter.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe

C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe

C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe

C:\Program Files\AVG\AVG8\avgtray.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Logitech\SetPoint II\SetpointII.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Steam\Steam.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Hennuy Suzanne\Desktop\RSIT.exe

C:\Program Files\trend micro\Hennuy Suzanne.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundTray] C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe

O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"

O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"

O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"

O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [FractalWP] C:\Program Files\FractalWP\FractalWP.exe -min

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Global Startup: SetPointII.lnk = ?

O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://C:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Traduire (SYSTRAN) - res://C:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js

O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files\Download Express\Add_Url.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 9170 bytes

 

Registry dump

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]

Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-04-30 1372160]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-08-30 455960]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{95daa571-4def-4a6d-97d8-98a346672a24} - SYSTRAN Toolbar - C:\Windows\system32\mscoree.dll [2008-01-21 282112]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-06-06 1261568]

"SoundTray"=C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe [2007-05-21 49152]

"Ai Nap"=C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [2007-09-06 1426432]

"CPU Power Monitor"=C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe [2007-09-06 626688]

"Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-09-11 880640]

"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-03-20 86960]

"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-08-30 1235736]

"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-02-28 13523488]

"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-02-28 92704]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-03-28 413696]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-03-30 267048]

"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe []

"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-07-17 55824]

"Launch LCDMon"=C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2007-07-18 1687824]

"Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2007-07-18 2094352]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

"FractalWP"=C:\Program Files\FractalWP\FractalWP.exe -min []

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetpointII.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="avgrsstx.dll"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{79db8394-3544-11dd-8318-001d60d6e44c}]

shell\AutoRun\command - F:\Autorun.exe

 

 

List of files/folders created in the last three months

 

2008-09-03 18:25:28 ----D---- C:\rsit

2008-09-03 18:13:00 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\MetaProducts

2008-09-03 18:12:58 ----D---- C:\Program Files\Download Express

2008-09-03 10:22:02 ----A---- C:\Windows\system32\wups2.dll

2008-09-03 10:22:02 ----A---- C:\Windows\system32\wucltux.dll

2008-09-03 10:22:02 ----A---- C:\Windows\system32\wuauclt.exe

2008-09-03 10:22:01 ----A---- C:\Windows\system32\wuaueng.dll

2008-09-03 10:21:42 ----A---- C:\Windows\system32\wuwebv.dll

2008-09-03 10:21:42 ----A---- C:\Windows\system32\wuapp.exe

2008-08-29 15:24:43 ----A---- C:\Windows\system32\TubeFinder.exe

2008-08-29 15:24:42 ----A---- C:\Windows\system32\VB6STKIT.DLL

2008-08-29 15:24:42 ----A---- C:\Windows\system32\VB6FR.DLL

2008-08-29 15:24:42 ----A---- C:\Windows\system32\PCCLPFR.DLL

2008-08-29 15:24:42 ----A---- C:\Windows\system32\MSCMCFR.DLL

2008-08-29 15:24:42 ----A---- C:\Windows\system32\CMDLGFR.DLL

2008-08-27 17:15:18 ----D---- C:\ProgramData\Logitech

2008-08-23 15:55:57 ----D---- C:\Program Files\StuffPlug3

2008-08-22 16:22:31 ----D---- C:\vcs5core

2008-08-22 16:22:31 ----D---- C:\AV_LOGS

2008-08-22 14:08:12 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\teamspeak2

2008-08-22 14:08:03 ----D---- C:\Program Files\Teamspeak2_RC2

2008-08-21 13:09:28 ----D---- C:\Program Files\Sun

2008-08-21 13:09:14 ----A---- C:\Windows\system32\javaws.exe

2008-08-21 13:09:14 ----A---- C:\Windows\system32\javaw.exe

2008-08-21 13:09:14 ----A---- C:\Windows\system32\java.exe

2008-08-20 18:41:14 ----A---- C:\Windows\gmer.ini

2008-08-20 18:41:12 ----A---- C:\Windows\gmer_uninstall.cmd

2008-08-20 18:41:12 ----A---- C:\Windows\gmer.exe

2008-08-20 18:41:12 ----A---- C:\Windows\gmer.dll

2008-08-19 22:41:12 ----D---- C:\Windows\Sun

2008-08-19 21:45:04 ----D---- C:\Windows\system32\Kaspersky Lab

2008-08-19 20:55:03 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\Malwarebytes

2008-08-19 20:55:00 ----D---- C:\ProgramData\Malwarebytes

2008-08-19 20:45:47 ----D---- C:\ToolBar SD

2008-08-15 12:49:35 ----A---- C:\Windows\system32\tzres.dll

2008-08-14 20:22:30 ----A---- C:\Windows\system32\IPSECSVC.DLL

2008-08-14 20:22:28 ----A---- C:\Windows\system32\es.dll

2008-08-14 20:22:25 ----A---- C:\Windows\system32\mshtml.dll

2008-08-14 20:22:25 ----A---- C:\Windows\system32\ieframe.dll

2008-08-14 20:22:24 ----A---- C:\Windows\system32\wininet.dll

2008-08-14 20:22:24 ----A---- C:\Windows\system32\urlmon.dll

2008-08-14 20:22:24 ----A---- C:\Windows\system32\mstime.dll

2008-08-14 20:22:23 ----A---- C:\Windows\system32\jsproxy.dll

2008-08-14 20:21:43 ----A---- C:\Windows\system32\inetcomm.dll

2008-08-07 13:02:57 ----D---- C:\Program Files\Bethesda Softworks

2008-08-05 16:07:05 ----A---- C:\Windows\system32\msshooks.dll

2008-08-05 16:07:04 ----A---- C:\Windows\system32\msscb.dll

2008-08-05 16:07:03 ----A---- C:\Windows\system32\thawbrkr.dll

2008-08-05 16:07:03 ----A---- C:\Windows\system32\srchadmin.dll

2008-08-05 16:07:03 ----A---- C:\Windows\system32\SearchFilterHost.exe

2008-08-05 16:07:03 ----A---- C:\Windows\system32\propsys.dll

2008-08-05 16:07:03 ----A---- C:\Windows\system32\propdefs.dll

2008-08-05 16:07:03 ----A---- C:\Windows\system32\msstrc.dll

2008-08-05 16:07:03 ----A---- C:\Windows\system32\mssprxy.dll

2008-08-05 16:07:03 ----A---- C:\Windows\system32\mssitlb.dll

2008-08-05 16:07:03 ----A---- C:\Windows\system32\msshsq.dll

2008-08-05 16:07:03 ----A---- C:\Windows\system32\korwbrkr.dll

2008-08-05 16:07:02 ----A---- C:\Windows\system32\xmlfilter.dll

2008-08-05 16:07:02 ----A---- C:\Windows\system32\wsepno.dll

2008-08-05 16:07:02 ----A---- C:\Windows\system32\tquery.dll

2008-08-05 16:07:02 ----A---- C:\Windows\system32\SearchProtocolHost.exe

2008-08-05 16:07:02 ----A---- C:\Windows\system32\SearchIndexer.exe

2008-08-05 16:07:02 ----A---- C:\Windows\system32\rtffilt.dll

2008-08-05 16:07:02 ----A---- C:\Windows\system32\offfilt.dll

2008-08-05 16:07:02 ----A---- C:\Windows\system32\nlhtml.dll

2008-08-05 16:07:02 ----A---- C:\Windows\system32\mssvp.dll

2008-08-05 16:07:02 ----A---- C:\Windows\system32\mssrch.dll

2008-08-05 16:07:02 ----A---- C:\Windows\system32\mssphtb.dll

2008-08-05 16:07:02 ----A---- C:\Windows\system32\mssph.dll

2008-08-05 16:07:02 ----A---- C:\Windows\system32\msscntrs.dll

2008-08-05 16:07:02 ----A---- C:\Windows\system32\mimefilt.dll

2008-08-05 16:07:02 ----A---- C:\Windows\system32\chtbrkr.dll

2008-08-05 16:07:02 ----A---- C:\Windows\system32\chsbrkr.dll

2008-07-16 12:32:37 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\SYSTRAN

2008-07-16 12:21:08 ----A---- C:\Windows\system32\libxslt.dll

2008-07-16 12:21:08 ----A---- C:\Windows\system32\iconv.dll

2008-07-16 12:21:07 ----A---- C:\Windows\system32\libxml2.dll

2008-07-16 12:21:07 ----A---- C:\Windows\system32\libexslt.dll

2008-07-16 12:10:40 ----RA---- C:\Windows\system32\libsyslic1.original.dll

2008-07-16 12:10:39 ----RA---- C:\Windows\system32\libsyslic1.dll

2008-07-14 20:24:42 ----D---- C:\ProgramData\LogiShrd

2008-07-14 20:16:58 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\Leadertech

2008-07-14 20:16:58 ----D---- C:\Program Files\Common Files\LogiShrd

2008-07-14 10:25:08 ----A---- C:\Windows\system32\NlsLexicons0007.dll

2008-07-14 10:25:06 ----A---- C:\Windows\system32\NlsLexicons0009.dll

2008-07-14 10:24:56 ----A---- C:\Windows\system32\NaturalLanguage6.dll

2008-07-13 13:32:15 ----D---- C:\Temp

2008-07-13 13:30:16 ----D---- C:\Program Files\Micro Application

2008-07-12 14:07:02 ----A---- C:\Windows\system32\AVEQT.dll

2008-07-12 14:07:01 ----D---- C:\Program Files\Allok MOV Converter

2008-07-12 00:40:51 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\STOIK

2008-07-12 00:09:57 ----D---- C:\Program Files\Total Video Converter

2008-07-10 15:22:14 ----A---- C:\Windows\NeroDigital.ini

2008-07-10 14:00:03 ----D---- C:\Users\Hennuy Suzanne\AppData\Roaming\vlc

2008-07-10 13:59:28 ----D---- C:\Program Files\VideoLAN

2008-07-09 13:03:10 ----A---- C:\Windows\system32\rpcrt4.dll

2008-07-09 13:03:10 ----A---- C:\Windows\system32\pacerprf.dll

2008-07-09 13:03:10 ----A---- C:\Windows\system32\ntoskrnl.exe

2008-07-09 13:03:10 ----A---- C:\Windows\system32\ntkrnlpa.exe

2008-07-09 13:03:10 ----A---- C:\Windows\system32\emdmgmt.dll

2008-07-09 13:03:01 ----A---- C:\Windows\system32\shell32.dll

2008-07-09 13:02:55 ----A---- C:\Windows\system32\vbscript.dll

2008-07-09 13:02:54 ----A---- C:\Windows\system32\wshext.dll

2008-07-09 13:02:54 ----A---- C:\Windows\system32\wscript.exe

2008-07-09 13:02:54 ----A---- C:\Windows\system32\scrrun.dll

2008-07-09 13:02:54 ----A---- C:\Windows\system32\scrobj.dll

2008-07-09 13:02:54 ----A---- C:\Windows\system32\jscript.dll

2008-07-09 13:02:54 ----A---- C:\Windows\system32\cscript.exe

2008-07-04 18:20:30 ----D---- C:\Westwood

2008-06-21 13:59:18 ----D---- C:\Program Files\LimeWire

2008-06-18 13:32:55 ----A---- C:\Windows\system32\PnkBstrA.exe

2008-06-18 13:32:41 ----A---- C:\Windows\system32\PnkBstrB.exe

2008-06-14 19:42:59 ----A---- C:\Windows\system32\EncDec.dll

2008-06-14 19:42:58 ----A---- C:\Windows\system32\psisdecd.dll

2008-06-11 18:32:25 ----A---- C:\Windows\system32\quartz.dll

2008-06-08 20:58:47 ----A---- C:\Windows\system32\CmdLineExt.dll

2008-06-08 20:09:18 ----A---- C:\Windows\system32\xactengine2_8.dll

2008-06-08 20:09:18 ----A---- C:\Windows\system32\x3daudio1_2.dll

2008-06-08 20:09:18 ----A---- C:\Windows\system32\d3dx10_34.dll

2008-06-08 20:09:18 ----A---- C:\Windows\system32\D3DCompiler_34.dll

2008-06-08 20:09:17 ----A---- C:\Windows\system32\xinput1_3.dll

2008-06-08 20:09:17 ----A---- C:\Windows\system32\d3dx9_34.dll

2008-06-08 20:09:16 ----A---- C:\Windows\system32\xactengine2_7.dll

2008-06-08 20:09:16 ----A---- C:\Windows\system32\d3dx9_33.dll

2008-06-08 20:09:16 ----A---- C:\Windows\system32\d3dx10_33.dll

2008-06-08 20:09:16 ----A---- C:\Windows\system32\D3DCompiler_33.dll

2008-06-08 20:09:15 ----A---- C:\Windows\system32\xactengine2_6.dll

2008-06-08 20:09:15 ----A---- C:\Windows\system32\x3daudio1_1.dll

2008-06-05 20:07:51 ----D---- C:\Windows\system32\Adobe

2008-06-04 14:06:03 ----A---- C:\Windows\MegaManager.INI

 

List of drivers

 

R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2006-10-18 12664]

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\system32\System32\Drivers\avgldx86.sys []

R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\system32\System32\Drivers\avgmfx86.sys []

R3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i-MCE; C:\Windows\system32\DRIVERS\3xHybrid.sys [2006-11-22 1121536]

R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-07-18 342528]

R3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]

R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]

R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-07-17 34960]

R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-07-17 36240]

R3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

R3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-02-28 7603904]

R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-05-24 246784]

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 gmer;gmer; C:\Windows\System32\DRIVERS\gmer.sys [2008-08-20 85969]

S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2008-07-13 25280]

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2007-01-23 20496]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]

S3 RT61;D-Link Wireless Driver; C:\Windows\system32\DRIVERS\RT61.sys [2007-10-19 286208]

S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 73088]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\system32\drivers\errdev.sys []

S4 MegaSR;MegaSR; C:\Windows\system32\system32\drivers\megasr.sys []

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\system32\drivers\wmiacpi.sys []

 

List of services

 

R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2007-06-07 86016]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]

R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-30 231704]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-02-28 49152]

R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104]

R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-08-04 87288]

R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-01-21 33800]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

 

-----------------EOF-----------------

INFO.TXT

info.txt logfile of random's system information tool 2008-09-03 18:25:53

 

Uninstall list

 

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL

-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL

-->C:\Windows\UNNeroShowTime.exe /UNINSTALL

-->C:\Windows\UNNeroVision.exe /UNINSTALL

-->C:\Windows\UNRecode.exe /UNINSTALL

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BA8A7C81-B0D0-422D-8FBD-BF2D25986667}\setup.exe" -l0x40c

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL

Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe

Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}

Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe

Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}

Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}

Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}

Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log

AI Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\Setup.exe" -l0x40c

Allok MOV Converter 3.4.0423-->"C:\Program Files\Allok MOV Converter\unins000.exe"

Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}

Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}

Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe

AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL

AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"

Command & Conquer 3-->MsiExec.exe /I{B0C30E93-D3D9-4F04-A2AC-54749B573275}

Composants Internet Partagés de Westwood-->C:\Westwood\Internet\UnstllAP.EXE

Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}

er100LT-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}

Half-Life 2: Lost Coast-->"C:\Program Files\Steam\steam.exe" steam://uninstall/340

HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall

Host OpenAL (ADI)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BA8A7C81-B0D0-422D-8FBD-BF2D25986667}\setup.exe" -l0x40c /remove

iTunes-->MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}

Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

LimeWire PRO 4.18.3-->"C:\Program Files\LimeWire\uninstall.exe"

Linksys Wireless-G PCI Network Adapter with SpeedBooster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAE4A00B-D290-4B65-8287-B82A80FC0619}\setup.exe" -l0x40c

Logitech GamePanel Software 2.00-->MsiExec.exe /X{948BE614-F37B-4A73-AD43-0245F23C110D}

Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG

Logitech SetPoint 5.00-->MsiExec.exe /I{D3120436-1358-4253-9EB2-257FFE8CE1D9}

Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}

Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"

MetaProducts Download Express-->C:\Program Files\Download Express\dep.exe /UnInstall

Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL

Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}

Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}

Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}

Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Nero 7 Essentials-->MsiExec.exe /X{B28B351F-1232-46EA-85EF-B8EA91641036}

NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI

OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}

Package de pilotes Windows - Philips Pinnacle Systems PCTV 3010ix, 7010ix (10/27/2006 1.0.3.3)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctv716x.inf_38c010dc\pctv716x.inf

Package de pilotes Windows - Pinnacle Systems PCTV 100e/320e Audio (01/29/2007 5.7.0129.0)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctvempa.inf_04079692\pctvempa.inf

Package de pilotes Windows - Pinnacle Systems PCTV 100i,110i,300i,310i, MCE (11/22/2006 1.3.3.5)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctv713xi.inf_1f75d240\pctv713xi.inf

Package de pilotes Windows - Pinnacle Systems PCTV 320cx (02/26/2007 3.0.3.3)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctv320cx.inf_a2ee5007\pctv320cx.inf

Package de pilotes Windows - Pinnacle Systems PCTV 320cx Infrared receiver (11/03/2006 2.0.1)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctv320cxir.inf_2d82cc35\pctv320cxir.inf

Package de pilotes Windows - Pinnacle Systems PCTV 70e/100e/160e/170e/320e/330e/800e (01/29/2007 5.7.0129.0)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctvempv.inf_55242ca7\pctvempv.inf

Package de pilotes Windows - Pinnacle Systems PCTV 71e (09/28/2006 6.9.28.4)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\af15bda.inf_a6f383a0\af15bda.inf

Package de pilotes Windows - Pinnacle Systems Pinnacle Systems PCTV 310c (06/02/2006 3.0.1.1)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctv310cav.inf_eb9f3f58\pctv310cav.inf

Package de pilotes Windows - Pinnacle Systems Pinnacle Systems PCTV 310c (06/02/2006 3.0.1.1)-->rundll32.exe C:\PROGRA~1\DIFX\4A46D8A01D3E2287\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\pctv310ctv.inf_ae7fa3fd\pctv310ctv.inf

PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"

Pinnacle PCTV MCE-->MsiExec.exe /X{FD54066C-59C6-475B-B8A0-A0D26969D8E2}

PSP Video 9 1.74-->C:\Program Files\pspvideo9\uninst.exe

QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}

Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}

Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}

Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}

Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}

Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}

Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}

Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}

Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}

Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}

Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}

Skype 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}

SoundMAX-->C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe -runfromtemp -l0x040c -removeonly

Source Dedicated Server-->"C:\Program Files\Steam\steam.exe" steam://uninstall/205

Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}

StuffPlug 3-->C:\Program Files\StuffPlug3\Uninstall.exe

System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe

TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"

TrackMania Nations Forever-->"C:\Program Files\Steam\steam.exe" steam://uninstall/11020

Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}

Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

Update for Office 2007 (KB946691)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

Update for Outlook 2007 Junk Email Filter (kb955433)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {D9806966-6AA1-4B55-9528-6748E37CEE86}

Video Converter 3-->C:\Program Files\Micro Application\Video Convertisseur\Uninstall.exe

VideoLAN VLC media player 0.8.6h-->C:\Program Files\VideoLAN\VLC\uninstall.exe

WebCam for MSN Messenger-->Rundll32.exe setupapi,InstallHinfSection DefaultUnInstall 128 C:\Windows\INF\Athena.inf

Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

 

Security center information

 

AV: AVG Anti-Virus Free

AS: AVG Anti-Virus Free (disabled)

AS: Windows Defender

 

Environment variables

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel

"PROCESSOR_REVISION"=0f0b

"NUMBER_OF_PROCESSORS"=4

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat

"DFSTRACINGON"=FALSE

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

 

-----------------EOF-----------------

Edited by Julian84
