
Posted
I'm hanging on your every word and doing what you tell me. Thank you, and see you tomorrow then......

Regards

How do I uninstall toolbar? It's not in the CCleaner list; do I right-click on the desktop and choose delete?

Sorry

Posted

So, for tomorrow:

1

 

Logfile of random's system information tool 1.04 (written by random/random)

Run by Eric at 2008-12-08 22:39:17

Microsoft Windows XP Professionnel Service Pack 3

System drive C: has 392 GB (83%) free of 472 GB

Total RAM: 2046 MB (74% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:39:29, on 08/12/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\oodag.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\WINDOWS\system32\CTXFIHLP.EXE

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\system32\Rundll32.exe

C:\WINDOWS\SYSTEM32\CTXFISPI.EXE

C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

C:\WINDOWS\osd.exe

C:\WINDOWS\Resources\Themes\VistaXP\vt\VisualToolTip.exe

C:\Program Files\HP\HP Software Update\HPWuSchd.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Hercules\WiFi Station\WifiStation.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe

C:\PROGRA~1\INCRED~1\bin\IMApp.exe

C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Documents and Settings\Eric\Bureau\RSIT.exe

C:\Program Files\trend micro\Eric.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neuf.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe

O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper

O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [OSD] C:\WINDOWS\osd.exe

O4 - HKLM\..\Run: [VisualTooltip] C:\WINDOWS\Resources\Themes\VistaXP\vt\VisualToolTip.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c

O4 - HKCU\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE

O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-18 Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (User 'Default user')

O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: WiFi Station.lnk = ?

O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Documents and Settings\Eric\Mes documents\mes logiciels\Titan Poker\casino.exe

O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Documents and Settings\Eric\Mes documents\mes logiciels\Titan Poker\casino.exe

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: *.sony-europe.com

O15 - Trusted Zone: *.sonystyle-europe.com

O15 - Trusted Zone: *.vaio-link.com

O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15033/CTPID.cab

O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll

O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

--

End of file - 9586 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2004-05-12 744960]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14 509328]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-10-27 2436160]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-11-29 737776]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]

"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [2007-12-14 144784]

"CTHelper"=C:\WINDOWS\system32\CTHELPER.EXE [2006-11-28 19456]

"CTxfiHlp"=C:\WINDOWS\system32\CTXFIHLP.EXE [2006-11-28 20480]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792]

"DXDllRegExe"=dxdllreg.exe []

"P17Helper"=Rundll32 P17.dll []

"CTSysVol"=C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [2005-10-31 57344]

"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]

"OSD"=C:\WINDOWS\osd.exe [2007-01-21 86016]

"VisualTooltip"=C:\WINDOWS\Resources\Themes\VistaXP\vt\VisualToolTip.exe [2007-04-25 956928]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-07-08 7110656]

"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-15 153136]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152]

"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2007-11-19 214456]

"CTRegRun"=C:\WINDOWS\CTRegRun.EXE [2006-10-06 53248]

"SetDefaultMIDI"=C:\WINDOWS\MIDIDef.exe [2006-08-17 25600]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

WiFi Station.lnk - C:\Program Files\Hercules\WiFi Station\WifiStation.exe

Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

 

C:\Documents and Settings\Eric\Menu Démarrer\Programmes\Démarrage

Outil de notification Live Search.lnk - C:\Documents and Settings\Eric\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]

C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll [2007-10-17 10792]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\Program Files\Dofus-Arena beta 2\DofusArena.exe"="C:\Program Files\Dofus-Arena beta 2\DofusArena.exe:*:Enabled:Dofus Arena Client"

"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java Platform SE binary"

"C:\Documents and Settings\Eric\Mes documents\mes logiciels\incredimail_install.exe"="C:\Documents and Settings\Eric\Mes documents\mes logiciels\incredimail_install.exe:*:Enabled:IncrediMail Installer"

"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"

"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"

"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"

"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"

"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"

"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"

"C:\Documents and Settings\Eric\Local Settings\Temp\ImInstaller\incredimail_installer.exe"="C:\Documents and Settings\Eric\Local Settings\Temp\ImInstaller\incredimail_installer.exe:*:Enabled:IncrediMail Installer"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28b87136-0b1b-11dd-be88-0060b3ce4220}]

shell\AutoRun\command - H:\start.exe

shell\iledefrance\command - H:\start.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95c24e78-7d98-11dc-be32-0013721228db}]

shell\AutoRun\command - wd_windows_tools\setup.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8101cce-ab10-11dc-be63-0008d3350bfe}]

shell\AutoRun\command - K:\setupSNK.exe

 

 

======List of files/folders created in the last 1 months======

 

2008-12-08 22:39:17 ----D---- C:\rsit

2008-12-08 22:39:17 ----D---- C:\Program Files\trend micro

2008-12-08 22:04:53 ----A---- C:\WINDOWS\ntbtlog.txt

2008-12-08 18:38:16 ----A---- C:\TB.txt

2008-12-08 18:37:31 ----D---- C:\ToolBar SD

2008-12-07 18:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$

2008-12-07 18:01:23 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$

2008-12-07 18:00:55 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$

2008-12-07 18:00:45 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$

2008-12-07 14:51:22 ----D---- C:\WINDOWS\SxsCaPendDel

2008-12-07 13:32:10 ----D---- C:\Program Files\Avira

2008-12-07 13:32:10 ----D---- C:\Documents and Settings\All Users\Application Data\Avira

2008-12-07 11:02:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2008-12-06 22:17:12 ----D---- C:\Documents and Settings\Eric\Application Data\Talkback

2008-12-06 22:16:16 ----D---- C:\Program Files\Mozilla Firefox

2008-12-06 21:22:46 ----D---- C:\Program Files\AxBx

2008-12-06 09:09:33 ----D---- C:\Documents and Settings\Eric\Application Data\Windows Search

2008-12-05 23:37:22 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$

2008-12-05 23:37:18 ----D---- C:\Program Files\Microsoft Silverlight

2008-12-05 23:36:45 ----D---- C:\Documents and Settings\Eric\Application Data\Windows Desktop Search

2008-12-05 23:36:10 ----HD---- C:\WINDOWS\system32\GroupPolicy

2008-12-05 23:36:10 ----D---- C:\Program Files\Windows Desktop Search

2008-12-05 23:35:57 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$

2008-12-05 23:35:50 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$

2008-12-05 23:35:13 ----N---- C:\WINDOWS\system32\spmsg.dll

2008-12-05 23:35:12 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$

2008-12-05 23:34:41 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$

2008-12-05 23:33:37 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$

2008-12-05 23:33:01 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$

2008-12-05 23:32:16 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$

2008-12-05 21:02:24 ----SHD---- C:\Config.Msi

2008-12-05 08:12:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

2008-12-05 08:12:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$

2008-12-04 20:03:46 ----D---- C:\WINDOWS\system32\logs

2008-12-04 20:03:22 ----D---- C:\Program Files\BitDefender

2008-12-04 20:02:03 ----D---- C:\Program Files\Fichiers communs\BitDefender

2008-12-04 19:52:46 ----D---- C:\WINDOWS\BDOSCAN8

2008-12-04 13:41:58 ----A---- C:\WINDOWS\OEWABLog.txt

2008-12-04 13:41:40 ----D---- C:\WINDOWS\Prefetch

2008-12-04 13:11:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

2008-12-04 13:11:22 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$

2008-12-04 13:11:17 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$

2008-12-04 13:11:10 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

2008-12-04 13:11:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2008-12-04 13:10:57 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2008-12-04 13:10:52 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$

2008-12-04 13:10:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2008-12-04 13:10:40 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2008-12-04 13:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$

2008-12-04 13:10:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$

2008-12-04 13:10:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

2008-12-04 13:10:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$

2008-12-04 13:10:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$

2008-12-04 13:10:05 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2008-12-04 13:10:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2008-12-04 13:09:53 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$

2008-12-04 13:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

2008-12-04 13:08:19 ----A---- C:\WINDOWS\setuplog.txt

2008-12-04 13:07:48 ----D---- C:\WINDOWS\system32\fr

2008-12-04 13:07:48 ----D---- C:\WINDOWS\system32\bits

2008-12-04 13:07:48 ----D---- C:\WINDOWS\l2schemas

2008-12-04 13:06:44 ----D---- C:\WINDOWS\ServicePackFiles

2008-12-04 13:05:17 ----A---- C:\WINDOWS\imsins.BAK

2008-12-04 13:04:16 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$

2008-12-01 09:00:32 ----A---- C:\WINDOWS\system32\TDSSubgj.dll

2008-12-01 09:00:26 ----A---- C:\WINDOWS\system32\TDSSyoqu.dll

2008-12-01 09:00:25 ----A---- C:\WINDOWS\system32\TDSSkrrx.dll

2008-12-01 09:00:21 ----A---- C:\WINDOWS\system32\TDSSottu.dll

2008-11-24 21:35:58 ----A---- C:\WINDOWS\system32\ltclr13n.dll

2008-11-24 21:35:58 ----A---- C:\WINDOWS\system32\lftif13n.dll

2008-11-24 21:35:58 ----A---- C:\WINDOWS\system32\lffax13n.dll

2008-11-16 14:16:10 ----D---- C:\Program Files\Free Video Converter

2008-11-12 18:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$

2008-11-12 18:01:02 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$

2008-11-11 19:17:28 ----D---- C:\Program Files\CapAlpha

 

======List of files/folders modified in the last 1 months======

 

2008-12-08 22:39:17 ----RD---- C:\Program Files

2008-12-08 22:11:49 ----D---- C:\WINDOWS\Temp

2008-12-08 22:11:49 ----A---- C:\WINDOWS\lvkosd.ini

2008-12-08 22:11:41 ----D---- C:\WINDOWS\Registration

2008-12-08 22:11:31 ----D---- C:\WINDOWS

2008-12-08 22:04:06 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-12-08 21:48:39 ----D---- C:\WINDOWS\system32

2008-12-08 21:47:43 ----D---- C:\WINDOWS\system32\CatRoot2

2008-12-08 19:24:06 ----SHD---- C:\WINDOWS\Installer

2008-12-07 18:01:48 ----HD---- C:\WINDOWS\inf

2008-12-07 18:01:46 ----RSHDC---- C:\WINDOWS\system32\dllcache

2008-12-07 18:00:51 ----D---- C:\WINDOWS\system32\CatRoot

2008-12-07 14:55:12 ----D---- C:\WINDOWS\system32\drivers

2008-12-07 14:51:22 ----D---- C:\WINDOWS\WinSxS

2008-12-07 12:14:01 ----D---- C:\WINDOWS\system32\oodag

2008-12-07 11:18:28 ----D---- C:\Program Files\Yahoo!

2008-12-06 22:26:52 ----D---- C:\Documents and Settings\Eric\Application Data\Mozilla

2008-12-06 19:30:01 ----D---- C:\WINDOWS\Minidump

2008-12-06 18:23:52 ----A---- C:\WINDOWS\NeroDigital.ini

2008-12-06 00:01:00 ----D---- C:\WINDOWS\ehome

2008-12-05 23:37:25 ----D---- C:\WINDOWS\system32\wbem

2008-12-05 23:37:06 ----RSD---- C:\WINDOWS\assembly

2008-12-05 23:36:24 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2008-12-05 23:36:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2008-12-05 23:36:13 ----D---- C:\WINDOWS\system32\fr-fr

2008-12-05 23:35:06 ----A---- C:\WINDOWS\win.ini

2008-12-05 23:34:50 ----D---- C:\Program Files\Windows Media Connect 2

2008-12-05 23:34:49 ----D---- C:\Program Files\Windows Media Player

2008-12-05 23:34:47 ----D---- C:\WINDOWS\Help

2008-12-05 23:33:05 ----D---- C:\WINDOWS\system32\LogFiles

2008-12-05 22:57:26 ----D---- C:\WINDOWS\network diagnostic

2008-12-05 05:00:53 ----HD---- C:\WINDOWS\$hf_mig$

2008-12-04 20:02:03 ----D---- C:\Program Files\Fichiers communs

2008-12-04 19:52:48 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-12-04 13:44:06 ----D---- C:\WINDOWS\Debug

2008-12-04 13:20:30 ----RSD---- C:\WINDOWS\Fonts

2008-12-04 13:20:30 ----D---- C:\WINDOWS\system32\Setup

2008-12-04 13:20:30 ----D---- C:\WINDOWS\AppPatch

2008-12-04 13:19:49 ----D---- C:\WINDOWS\security

2008-12-04 13:09:54 ----D---- C:\Program Files\Messenger

2008-12-04 13:07:55 ----D---- C:\WINDOWS\system32\inetsrv

2008-12-04 13:07:54 ----D---- C:\WINDOWS\ime

2008-12-04 13:07:48 ----D---- C:\WINDOWS\system32\usmt

2008-12-04 13:07:48 ----D---- C:\WINDOWS\PeerNet

2008-12-04 13:07:48 ----D---- C:\Program Files\Movie Maker

2008-12-04 13:06:39 ----D---- C:\WINDOWS\system32\Restore

2008-12-04 13:06:38 ----D---- C:\WINDOWS\system32\npp

2008-12-04 13:06:38 ----D---- C:\WINDOWS\msagent

2008-12-04 13:06:37 ----D---- C:\WINDOWS\srchasst

2008-12-04 13:06:37 ----D---- C:\Program Files\NetMeeting

2008-12-04 13:06:36 ----D---- C:\WINDOWS\system32\Com

2008-12-04 13:06:35 ----D---- C:\Program Files\Windows NT

2008-12-04 13:06:35 ----D---- C:\Program Files\Outlook Express

2008-12-04 13:06:33 ----D---- C:\Program Files\Fichiers communs\System

2008-12-04 13:06:25 ----D---- C:\WINDOWS\system32\oobe

2008-12-04 13:06:24 ----D---- C:\WINDOWS\system

2008-12-03 19:43:00 ----SD---- C:\WINDOWS\Tasks

2008-12-01 16:21:02 ----D---- C:\Documents and Settings\Eric\Application Data\OpenOffice.org2

2008-12-01 09:13:49 ----D---- C:\Documents and Settings\Eric\Application Data\Azureus

2008-11-30 16:03:04 ----A---- C:\WINDOWS\avisplitter.INI

2008-11-16 20:39:48 ----D---- C:\Program Files\iWizz

2008-11-15 22:39:18 ----A---- C:\WINDOWS\PhotoSnapViewer.INI

2008-11-11 17:18:16 ----D---- C:\WINDOWS\Downloaded Installations

2008-11-10 15:42:19 ----D---- C:\Program Files\adslTV

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-12-19 43488]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]

R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-10-27 20747]

R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2004-09-24 15781]

R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []

R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2006-08-17 502272]

R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2006-08-17 500480]

R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2006-08-17 7168]

R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2006-08-17 143872]

R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-03-31 180736]

R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2006-08-17 78336]

R3 ha20x2k;Creative 20X HAL Driver; C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-08-17 1110528]

R3 HidIr;Pilote HID infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\hidir.sys [2008-04-13 19200]

R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 IrBus;Pilote de filtre de bus infrarouge pour les contrôles distants eHome; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2008-04-13 46592]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-10 12288]

R3 NBXG7031;NB 802.11g XG703 SP1 Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-24 381312]

R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-07-08 3198304]

R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2006-08-17 116224]

R3 P17;Sound Blaster Audigy; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]

S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2006-08-17 340176]

S3 hcwPP2;Hauppauge WinTV PVR PCI II ([23|25|26]xxx); C:\WINDOWS\system32\DRIVERS\hcwPP2.sys [2005-03-15 148608]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-01-05 51056]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-01-05 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-01-05 21488]

S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]

S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []

S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []

S3 RT2500USB;Hercules Wireless USB Dongle Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-01-12 252928]

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]

R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]

R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]

R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]

R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-07-08 127043]

R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2005-11-02 265216]

R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe [2007-10-17 16936]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-27 138168]

S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-22 779824]

S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-03-22 271920]

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-01-05 65795]

S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

 

-----------------EOF-----------------

and 2

info.txt logfile of random's system information tool 1.04 2008-12-08 22:39:32

 

======Uninstall list======

 

-->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x040c

-->"C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x040c

-->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x040c

-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x040c

-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x040c

-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x040c

-->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x040c

-->"C:\Program Files\Creative\SBAudigy\Program\Setup.exe" /S /U /W /L:FRN

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL

-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL

-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL

-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL

-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL

-->C:\WINDOWS\UNRecode.exe /UNINSTALL

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x40c /remove

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x40c

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x40c /remove

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Reader 8.1.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}

adsl TV-->C:\Program Files\adslTV\Uninstal.exe

Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe

Audacity 1.3.4 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

Bink and Smacker-->C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

Clock 2.3-->C:\Program Files\Clock\uninst.exe

Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe

Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"

Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"

Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Creative Audio Console-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c /remove

Creative MediaSource 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x40c /remove

Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x40c /remove

Creative System Information-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x40c /remove

Dell Resource CD-->MsiExec.exe /X{FCD9CD52-7222-4672-94A0-A722BA702FD0}

DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"

Free Video Converter V 1.3-->"C:\Program Files\Free Video Converter\unins000.exe"

Frogger2-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Hasbro Interactive\Frogger2\Uninst.isu"

GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe"

Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}

Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"

GoToAssist 8.0.0.480-->C:\Program Files\Citrix\GoToAssist\480\G2AUninstaller.exe /uninstall

High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe

HijackThis 2.0.2-->"C:\DOCUME~1\Eric\LOCALS~1\Temp\Rar$EX00.063\HijackThis.exe" /uninstall

Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"

HP Image Zone 3.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat

HP PSC & OfficeJet 3.5-->"C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B29D-58957ADB0A12}\setup\hpzscr01.exe" -datfile hposcr03.dat

HP Software Update-->MsiExec.exe /X{34957B51-9676-41CE-9E52-44AE91B73F1C}

IncrediMail Xe-->C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:IncrediMail /log:IncMail.log

Intel® PRO Network Connections Drivers-->Prounstl.exe

iWizz-->C:\Program Files\iWizz\uninstall.exe

iWizz-->C:\Program Files\iWizz\uninstall.exe

Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Java 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}

K-Lite Codec Pack 3.5.7 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

l'Aide d'Audacity-->C:\Program Files\Audacity\Aide\Uninstal.exe

Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Les Sims Abracadabra-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A00D1BA-D03A-44E5-AF28-86A1F377DF61}\setup.exe" -l040c

Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}

Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}

Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}

Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}

Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}

Microsoft Office Word Viewer 2003-->MsiExec.exe /I{9085040C-6000-11D3-8CFE-0150048383C9}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

Microsoft Zoo Tycoon-->"C:\Program Files\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE" /runtemp /addremove

Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf

Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"

Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Montpellier Business Plan Classic-->MsiExec.exe /I{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}

Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MWSnap 3-->"C:\Documents and Settings\Eric\Mes documents\mes logiciels\MWSnap\uninstall.exe"

Nero 7 Essentials-->MsiExec.exe /X{282E3F81-CC37-44AF-8156-C35104D21036}

NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI

O&O Defrag Professional Edition-->MsiExec.exe /I{53480370-6CA2-47EC-BC05-02B4B9271C31}

OpenOffice.org 2.4-->MsiExec.exe /I{1E0FF527-971B-4BBF-83D1-987E8DEE437D}

Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe"

PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"

PKR-->"C:\Program Files\PKR\uninstall-pkr.exe"

Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}

Sound Blaster Audigy-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}\SETUP.EXE" -l0x40c /remove

Sound Blaster pour Media Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C88C3C27-AECE-4137-A6CC-D7A6FFAD2F84}\setup.exe" -l0x40c /remove

Spybot - Search & Destroy 1.3-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"

TerraExplorer-->C:\Program Files\Skyline\TerraExplorer\Setup.exe [OP]/U

Titan Poker-->"C:\Documents and Settings\Eric\Mes documents\mes logiciels\Titan Poker\_SetupPoker.exe" /uninstall

Turbo Lister 2-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548}

Utilitaire de gestion du LAN Wifi IEEE 802.11g-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8F7953DB-3529-4D69-A577-CC22D4F32C51}\setup.exe" -l0x40c

Vuze-->C:\Program Files\Azureus\uninstall.exe

WiFi Station-->C:\Program Files\InstallShield Installation Information\{DECE22F4-EEDD-4615-BC56-2F4827FAD64B}\Setup.exe -runfromtemp -l0x040c -removeonly

Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}

Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"

Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

Winmail Reader 1.1.12-->"C:\Program Files\Winmail Reader\unins000.exe"

 

======Security center information======

 

AV: Avira AntiVir PersonalEdition Classic

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 2, GenuineIntel

"PROCESSOR_REVISION"=0602

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

 

-----------------EOF-----------------

I hardly dare say thank you any more, but all the same..

Posted (edited)

Good evening,

 

Download OTMoveIt3 (by Old_Timer) to your Desktop.

  • Copy (Ctrl+C) the text below:
    :processes
    explorer.exe
     
    :files
    C:\TB.txt
    C:\ToolBar SD
    C:\WINDOWS\system32\TDSSakao.log
    C:\WINDOWS\system32\TDSSkrrx.dll
    C:\WINDOWS\system32\TDSSottu.dll
    C:\WINDOWS\system32\TDSSubgj.dll
    C:\WINDOWS\system32\TDSSwppe.dat
    C:\WINDOWS\system32\TDSSyoqu.dll
     
    :reg
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv.sys]
     
    :commands
    [emptytemp]
    [reboot]
  • Double-click OTMoveIt3.exe to launch it.
  • Paste (Ctrl+V) the previously copied text into the box: Paste Instructions for Items to be Moved
  • Click MoveIt! to start the removal.
  • The result will appear in the Results box.
  • If a file or folder cannot be deleted immediately, the program will ask you to restart. Accept by clicking YES.
  • Post the report located in C:\_OTMoveIt\MovedFiles.
  • The report's name corresponds to the time it was created: date_time.log

Edited by no.ppp
Posted

Hi, here is what happened when I launched MoveIt: shortly afterwards AntiVir started up and found a virus, pss or something like that, then another one; I deleted once, then everything froze, I restarted and here I am....

Apart from that, how are you?

Posted
OK, I'm posting this log for you; maybe I should have disabled AntiVir before launching MoveIt.

 

========== PROCESSES ==========

Process explorer.exe killed successfully.

========== FILES ==========

C:\TB.txt moved successfully.

C:\ToolBar SD\Backup-TB\Reg moved successfully.

C:\ToolBar SD\Backup-TB\Program Files\AskSBar moved successfully.

C:\ToolBar SD\Backup-TB\Program Files moved successfully.

C:\ToolBar SD\Backup-TB moved successfully.

C:\ToolBar SD moved successfully.

C:\WINDOWS\system32\TDSSakao.log moved successfully.

LoadLibrary failed for C:\WINDOWS\system32\TDSSkrrx.dll

C:\WINDOWS\system32\TDSSkrrx.dll NOT unregistered.

C:\WINDOWS\system32\TDSSkrrx.dll moved successfully.

LoadLibrary failed for C:\WINDOWS\system32\TDSSottu.dll

C:\WINDOWS\system32\TDSSottu.dll NOT unregistered.

C:\WINDOWS\system32\TDSSottu.dll moved successfully.

LoadLibrary failed for C:\WINDOWS\system32\TDSSubgj.dll

C:\WINDOWS\system32\TDSSubgj.dll NOT unregistered.

C:\WINDOWS\system32\TDSSubgj.dll moved successfully.

C:\WINDOWS\system32\TDSSwppe.dat moved successfully.

LoadLibrary failed for C:\WINDOWS\system32\TDSSyoqu.dll

C:\WINDOWS\system32\TDSSyoqu.dll NOT unregistered.

File move failed. C:\WINDOWS\system32\TDSSyoqu.dll scheduled to be moved on reboot.

========== REGISTRY ==========

Unable to delete registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS\\ .

Unable to delete registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS\\ .

Unable to delete registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS\\ .

Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\\ not found.

Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys\\ not found.

Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys\\ not found.

Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv.sys\\ not found.

========== COMMANDS ==========

File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\etilqs_VV7tmhP5Qh7Dz8CNy66t scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\~DF6A47.tmp scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\~DF6A63.tmp scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\~DFBDF7.tmp scheduled to be deleted on reboot.

File delete failed. C:\DOCUME~1\Eric\LOCALS~1\Temp\~DFBE09.tmp scheduled to be deleted on reboot.

User's Temp folder emptied.

User's Temporary Internet Files folder emptied.

User's Internet Explorer cache folder emptied.

Local Service Temp folder emptied.

File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.

Local Service Temporary Internet Files folder emptied.

Windows Temp folder emptied.

Java cache emptied.

File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\urlclassifier3.sqlite scheduled to be deleted on reboot.

File delete failed. C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\XUL.mfl scheduled to be deleted on reboot.

FireFox cache emptied.

Temp folders emptied.

 

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12092008_214536

 

Files moved on Reboot...

File C:\WINDOWS\system32\TDSSyoqu.dll not found!

File C:\DOCUME~1\Eric\LOCALS~1\Temp\etilqs_VV7tmhP5Qh7Dz8CNy66t not found!

File C:\DOCUME~1\Eric\LOCALS~1\Temp\~DF6A47.tmp not found!

File C:\DOCUME~1\Eric\LOCALS~1\Temp\~DF6A63.tmp not found!

File C:\DOCUME~1\Eric\LOCALS~1\Temp\~DFBDF7.tmp not found!

File C:\DOCUME~1\Eric\LOCALS~1\Temp\~DFBE09.tmp not found!

File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.

C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_001_ moved successfully.

C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_002_ moved successfully.

C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_003_ moved successfully.

C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\Cache\_CACHE_MAP_ moved successfully.

C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\urlclassifier3.sqlite moved successfully.

C:\Documents and Settings\Eric\Local Settings\Application Data\Mozilla\Firefox\Profiles\ner8aoov.default\XUL.mfl moved successfully.

Posted

Hello,

Since part of the procedure is carried out in Safe Mode, I strongly encourage you to save this page to a file, because you will not have Internet access. You can also save it as a .txt file or print it. Saving the web page remains the best option because you will keep the text formatting.

 

  • Open your browser.
  • Click File > Save As
  • Under Type, choose: Web Archive, single file (*.mht) or Web Page, complete, depending on whether you use Internet Explorer or Firefox
  • Click Save

 

Download and install Malwarebytes' (by RubbeR DuckY)

  • In the "Update" tab, click the "Check for Updates" button: if the firewall asks for permission for MBAM to connect, accept.
    Never restart in Safe Mode via MSConfig
  • Restart in Safe Mode (tap F8 repeatedly at startup)
  • Run a full scan.
  • At the end of the scan, click "Show Results" > "Remove Selected"
  • Copy/paste the final report.

Posted

Good evening, here is the report.

Regards

Malwarebytes' Anti-Malware 1.31

Version de la base de données: 1483

Windows 5.1.2600 Service Pack 3

 

10/12/2008 21:27:46

mbam-log-2008-12-10 (21-27-46).txt

 

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|I:\|J:\|)

Eléments examinés: 224050

Temps écoulé: 37 minute(s), 49 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 2

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 7

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

C:\System Volume Information\_restore{984FA12E-7517-40F1-8BA7-3355EB6254A5}\RP365\A0054720.dll (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\drivers\TDSSmxfe.sys (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\_OTMoveIt\MovedFiles\12092008_214536\WINDOWS\system32\TDSSkrrx.dll (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\_OTMoveIt\MovedFiles\12092008_214536\WINDOWS\system32\TDSSottu.dll (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\drivers\TDSSserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Documents and Settings\Eric\Local Settings\Temp\TDSS5c0f.tmp (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Documents and Settings\Eric\Local Settings\Temp\TDSS5c1e.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
