Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Infecte par Zlob

davidoux

Par davidoux
dans Analyses et éradication malwares

 Partager

Messages recommandés

davidoux Junior Member

davidoux

Posté(e)
  • Auteur
Posté(e)

LOG.TXT :

 

**************************************

Logfile of random's system information tool 1.04 (written by random/random)

Run by David at 2008-12-10 17:36:40

Microsoft® Windows Vista Ultimate Service Pack 1

System drive C: has 149 GB (74%) free of 200 GB

Total RAM: 3325 MB (84% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:37:47, on 10/12/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Safe mode with network support

 

Running processes:

C:\Windows\Explorer.EXE

C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe

C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\explorer.exe

C:\Users\David\Desktop\RSIT.exe

C:\Users\David\Downloads\David.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe

O4 - HKLM\..\Run: [sigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [HansoftProjectManagerClient] "C:\Program Files\Hansoft\Project Manager Server\HPMClient.exe" -AutoStart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: CCTray.lnk = C:\Program Files\CCTray\cctray.exe

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {3B8FB116-D358-48A3-A5C7-DB84F15CBB04} - http://www.iexplorsecurity.com/redirect.php (file missing)

O9 - Extra 'Tools' menuitem: Explorer Security - {3B8FB116-D358-48A3-A5C7-DB84F15CBB04} - http://www.iexplorsecurity.com/redirect.php (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mydomain.local

O17 - HKLM\Software\..\Telephony: DomainName = mydomain.local

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mydomain.local

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: CruiseControl.NET Server (CCService) - ThoughtWorks - C:\Program Files\CruiseControl.NET\server\ccservice.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Hansoft Project Server (HPServer) - Hansoft AB - C:/Program Files/Hansoft/Project Manager Server/HPMServer_x86.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe

O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe

O23 - Service: SessionLauncher - Unknown owner - C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe (file missing)

O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe

O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe

 

--

End of file - 8448 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\GoogleUpdateTaskUser.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-08-26 2549368]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2008-08-08 325048]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]

CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-08-26 2549368]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"ECenter"=C:\Dell\E-Center\EULALauncher.exe [2008-02-29 17920]

"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-09-12 405504]

"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-10-25 86016]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-10-25 8530464]

"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-10-25 81920]

"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]

"PMX Daemon"=C:\Windows\system32\ICO.EXE [2006-11-08 49152]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-03 178712]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]

"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-08 29744]

"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]

""= []

"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [2008-05-14 244208]

"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-08-11 115560]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"GrpConv"=grpconv -o []

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-08-08 68856]

"AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2007-03-01 2321600]

"Google Update"=C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-03 133104]

"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

"HansoftProjectManagerClient"=C:\Program Files\Hansoft\Project Manager Server\HPMClient.exe [2008-10-23 229576]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

PDFCreator.lnk - C:\Program Files\PDFCreator\PDFCreator.exe

 

C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

CCTray.lnk - C:\Program Files\CCTray\cctray.exe

OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccEvtMgr]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccSetMgr]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antivirus]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antvirus]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"EnableLUA"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoWelcomeScreen"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8cbd7c9-7a89-11dd-aa11-001ec9529201}]

shell\AutoRun\command - J:\LaunchU3.exe -a

 

 

======List of files/folders created in the last 1 months======

 

2008-12-10 17:36:40 ----D---- C:\rsit

2008-12-10 17:00:43 ----A---- C:\Users\David\AppData\Roaming\SetValue.bat

2008-12-10 17:00:43 ----A---- C:\Users\David\AppData\Roaming\GetValue.vbs

2008-12-10 15:49:26 ----A---- C:\Windows\system32\tmp.txt

2008-12-10 15:49:24 ----A---- C:\rapport.txt

2008-12-10 14:39:21 ----D---- C:\ProgramData\Avira

2008-12-10 14:39:21 ----D---- C:\Program Files\Avira

2008-12-10 11:29:46 ----A---- C:\Windows\ntbtlog.txt

2008-12-10 03:03:10 ----A---- C:\Windows\system32\gdi32.dll

2008-12-10 03:02:54 ----SHD---- C:\Config.Msi

2008-12-10 03:02:23 ----A---- C:\Windows\system32\shell32.dll

2008-12-10 03:02:10 ----A---- C:\Windows\explorer.exe

2008-12-10 03:01:39 ----A---- C:\Windows\system32\mshtml.dll

2008-12-10 03:01:39 ----A---- C:\Windows\system32\jsproxy.dll

2008-12-10 03:01:38 ----A---- C:\Windows\system32\mstime.dll

2008-12-10 03:01:38 ----A---- C:\Windows\system32\iertutil.dll

2008-12-10 03:01:37 ----A---- C:\Windows\system32\wininet.dll

2008-12-10 03:01:37 ----A---- C:\Windows\system32\urlmon.dll

2008-12-10 03:01:35 ----A---- C:\Windows\system32\ieframe.dll

2008-12-10 03:01:09 ----A---- C:\Windows\system32\WMVCORE.DLL

2008-12-10 03:01:09 ----A---- C:\Windows\system32\WMNetMgr.dll

2008-12-10 03:01:09 ----A---- C:\Windows\system32\mf.dll

2008-12-10 03:01:09 ----A---- C:\Windows\system32\logagent.exe

2008-11-26 11:44:29 ----A---- C:\Windows\WORDPAD.INI

2008-11-25 15:39:21 ----D---- C:\DUMMY

2008-11-21 14:26:14 ----D---- C:\Program Files\SoftK

2008-11-17 16:52:58 ----D---- C:\Program Files\SystemRequirementsLab

2008-11-17 16:52:03 ----D---- C:\Users\David\AppData\Roaming\SystemRequirementsLab

2008-11-17 16:49:54 ----D---- C:\Users\David\AppData\Roaming\Download Manager

2008-11-14 11:28:39 ----D---- C:\Windows\system32\win32deps

2008-11-14 11:28:37 ----D---- C:\Windows\system32\osxdeps

2008-11-14 11:28:26 ----D---- C:\Program Files\TaoFramework

2008-11-13 16:01:04 ----A---- C:\Windows\system32\XAudio2_1.dll

2008-11-13 16:01:04 ----A---- C:\Windows\system32\XAPOFX1_0.dll

2008-11-13 16:01:04 ----A---- C:\Windows\system32\X3DAudio1_4.dll

2008-11-13 16:00:24 ----D---- C:\Windows\system32\xlive

2008-11-13 16:00:13 ----D---- C:\Program Files\Microsoft XNA

2008-11-13 11:52:15 ----D---- C:\Program Files\7-Zip

2008-11-12 15:35:04 ----D---- C:\Users\David\AppData\Roaming\DAEMON Tools

2008-11-12 03:01:22 ----A---- C:\Windows\system32\msxml3.dll

2008-11-12 03:00:33 ----A---- C:\Windows\system32\msxml6.dll

 

======List of files/folders modified in the last 1 months======

 

2008-12-10 17:35:17 ----D---- C:\Program Files\Mozilla Firefox

2008-12-10 17:34:02 ----D---- C:\Windows\Temp

2008-12-10 17:15:17 ----D---- C:\Windows\System32

2008-12-10 17:15:17 ----D---- C:\Windows\inf

2008-12-10 17:15:17 ----A---- C:\Windows\system32\PerfStringBackup.INI

2008-12-10 17:10:01 ----D---- C:\Windows\system32\inetsrv

2008-12-10 14:39:21 ----RD---- C:\Program Files

2008-12-10 14:39:21 ----HD---- C:\ProgramData

2008-12-10 14:39:21 ----D---- C:\Windows\system32\drivers

2008-12-10 11:29:46 ----D---- C:\Windows

2008-12-10 10:03:01 ----D---- C:\Windows\Prefetch

2008-12-10 03:16:42 ----D---- C:\Windows\system32\catroot2

2008-12-10 03:04:03 ----SHD---- C:\Windows\Installer

2008-12-10 03:03:55 ----D---- C:\ProgramData\Microsoft Help

2008-12-10 03:03:15 ----D---- C:\Windows\winsxs

2008-12-10 03:03:14 ----D---- C:\Windows\system32\catroot

2008-12-10 03:00:35 ----SHD---- C:\System Volume Information

2008-11-27 16:03:48 ----D---- C:\RELEASE

2008-11-25 14:34:56 ----D---- C:\Depends

2008-11-21 14:26:20 ----D---- C:\Program Files\Common Files\microsoft shared

2008-11-19 22:48:33 ----D---- C:\Windows\Tasks

2008-11-18 16:56:31 ----RSD---- C:\Windows\assembly

2008-11-13 16:01:26 ----RSD---- C:\Windows\Fonts

2008-11-13 16:00:55 ----D---- C:\Windows\Logs

2008-11-12 03:08:22 ----D---- C:\Users\David\AppData\Roaming\TortoiseSVN

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2008-01-21 350720]

R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-09-12 228224]

R3 pmxmouse;PMXMOUSE; C:\Windows\system32\DRIVERS\pmxmouse.sys [2007-06-01 18432]

R3 pmxusblf;PMXUSBLF; C:\Windows\system32\DRIVERS\pmxusblf.sys [2007-05-24 19008]

S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]

S1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-10-30 75072]

S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-10-15 371248]

S1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2008-08-11 420400]

S1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2008-08-11 279088]

S1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2008-08-11 43696]

S1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]

S1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2008-08-11 191536]

S3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]

S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-09-02 99376]

S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20081209.025\NAVENG.SYS [2008-11-11 89104]

S3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20081209.025\NAVEX15.SYS [2008-11-11 876112]

S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-10-25 8224128]

S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]

S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2008-08-11 317616]

S3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-12 326656]

S3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-08-26 123952]

S3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2008-08-11 27696]

S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

S3 VSPerfDrv90;Performance Tools Driver 9.0; \??\C:\Program Files\Microsoft Visual Studio 9.0\Team Tools\Performance Tools\VSPerfDrv90.sys [2007-09-04 55664]

S3 WinUsb;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUSB.SYS [2008-01-21 31616]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-08-11 108392]

R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-08-11 108392]

R2 SmcService;Symantec Management Client; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [2008-08-11 2475392]

R2 Symantec AntiVirus;Symantec Endpoint Protection; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2008-08-11 2234296]

S2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]

S2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]

S2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]

S2 HPServer;Hansoft Project Server; C:/Program Files/Hansoft/Project Manager Server/HPMServer_x86.exe -Service HPServer []

S2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-03 358936]

S2 IISADMIN;@%windir%\system32\inetsrv\iisres.dll,-30007; C:\Windows\system32\inetsrv\inetinfo.exe [2008-01-21 13824]

S2 RoxLiveShare10;LiveShare P2P Server 10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2008-05-14 309744]

S2 RoxWatch10;Roxio Hard Drive Watcher 10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2008-05-14 166384]

S2 SessionLauncher;SessionLauncher; C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe []

S2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-12 94208]

S2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S3 aspnet_state;@%windir%\system32\inetsrv\iisres.dll,-30009; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-01-21 33800]

S3 CCService;CruiseControl.NET Server; C:\Program Files\CruiseControl.NET\server\ccservice.exe [2008-07-29 24576]

S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-21 523776]

S3 GoogleDesktopManager-010708-104812;Google Desktop Manager 5.7.801.7324; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-08 29744]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-08 138168]

S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-08-11 3093872]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]

S3 MSFTPSVC;@%windir%\system32\inetsrv\iisres.dll,-30005; C:\Windows\system32\inetsrv\inetinfo.exe [2008-01-21 13824]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 RoxMediaDB10;RoxMediaDB10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-05-14 1120752]

S3 SNAC;Symantec Network Access Control; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [2008-08-11 288136]

S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]

S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2008-01-21 917504]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMSvc;@%windir%\system32\inetsrv\iisres.dll,-20001; C:\Windows\system32\inetsrv\wmsvc.exe [2008-01-21 11264]

S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2007-11-07 3004416]

 

-----------------EOF-----------------

 

 

 

INFO.TXT :

 

 

 

******************************************

info.txt logfile of random's system information tool 1.04 2008-12-10 17:37:48

 

======Uninstall list======

 

-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

2IS Software Bundle-->MsiExec.exe /X{C953138A-7A4A-4C63-B201-B7BD326A6A90}

7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"

Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Reader 8.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}

Advanced Port Scanner v1.3-->C:\Program Files\Advanced Port Scanner\uninstal.exe

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}

CCNetConfig-->MsiExec.exe /I{34E14064-D387-4A1D-B5AC-EC76C7859C98}

Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}

CruiseControl.NET 1.4-->C:\Program Files\CruiseControl.NET\uninst.exe

CruiseControl.NET CCTray 1.4-->C:\Program Files\CCTray\uninst.exe

DeadLine Equation Solver-->"C:\Program Files\DeadLine\unins000.exe"

Dell Getting Started Guide-->MsiExec.exe /I{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}

Dell Support Center-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}

DirectXInstallService-->MsiExec.exe /X{098122AB-C605-4853-B441-C0A4EB359B75}

doxygen 1.5.6-->"C:\Program Files\doxygen\system\unins000.exe"

EDocs-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}\setup.exe"

FinalBuilder 6 Vista Compatibility-->%windir%\system32\sdbinst.exe -u "C:\Windows\AppPatch\Custom\{b1238c5d-4913-438e-889b-dcbecea68228}.sdb"

FinalBuilder 6.1.0.891-->"C:\Program Files\FinalBuilder 6\unins000.exe"

FreeFileSync-->"C:\Program Files\FreeFileSync\uninstall.exe"

Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}

Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"

GraphPlotter-->C:\Windows\unvise32.exe C:\Program Files\GraphPlotter\uninstal.log

Hansoft Project Manager Server-->"C:\Program Files\Hansoft\Project Manager Server\Uninstall.exe"

HijackThis 2.0.2-->"C:\Users\David\Downloads\HijackThis.exe" /uninstall

Hotfix for Microsoft Visual Studio Team System 2008 Development Edition - ENU (KB946040)-->C:\Windows\system32\msiexec.exe /package {6721AC10-3743-38F1-B178-C0EC6C9A4108} /uninstall {E032BB9A-1041-4CAF-BCF6-5DE6B55DB585} /qb+ REBOOTPROMPT=""

Hotfix for Microsoft Visual Studio Team System 2008 Development Edition - ENU (KB952241)-->C:\Windows\system32\msiexec.exe /package {6721AC10-3743-38F1-B178-C0EC6C9A4108} /uninstall {DC93B23E-0882-46A9-B45F-3B6F279EFB39} /qb+ REBOOTPROMPT=""

HTML Help Workshop-->C:\Program Files\HTML Help Workshop\setup.exe Uninstall

Intel® Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe

Intel® PRO Network Connections 12.1.12.4-->MsiExec.exe /i{777CA40C-0206-4EF6-A0FC-618BF06BF8D0} ARPREMOVE=1

Intel® PRO Network Connections 12.1.12.4-->MsiExec.exe /i{777CA40C-0206-4EF6-A0FC-618BF06BF8D0} ARPREMOVE=1

Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

JIRA Professional Edition 3.13.1-->C:\Program Files\JIRA-Professional-3.13.1\uninstall.exe

LiveUpdate 3.3 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U

Microsoft .NET Framework 3.5-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe

Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}

Microsoft Device Emulator version 3.0 - ENU-->MsiExec.exe /X{B32E7732-B2FB-3FD0-81AC-6025B1104C66}

Microsoft Document Explorer 2008-->C:\Program Files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.exe

Microsoft Document Explorer 2008-->MsiExec.exe /X{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}

Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}

Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}

Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}

Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISER /dll OSETUP.DLL

Microsoft Office Enterprise 2007-->MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE}

Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}

Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}

Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}

Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}

Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}

Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}

Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}

Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}

Microsoft Office Visual Web Developer 2007-->MsiExec.exe /X{90120000-0021-0000-0000-0000000FF1CE}

Microsoft Office Visual Web Developer MUI (English) 2007-->MsiExec.exe /X{90120000-0021-0409-0000-0000000FF1CE}

Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}

Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B2-0409-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server Compact 3.5 Design Tools ENU-->MsiExec.exe /X{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}

Microsoft SQL Server Compact 3.5 ENU-->MsiExec.exe /I{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}

Microsoft SQL Server Compact 3.5 for Devices ENU-->MsiExec.exe /I{241F2BF7-69EB-42A4-9156-96B2426C7504}

Microsoft SQL Server Database Publishing Wizard 1.2-->MsiExec.exe /X{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Visual Studio 2005 Tools for Office Runtime-->MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}

Microsoft Visual Studio 2008 Performance Collection Tools - ENU-->MsiExec.exe /I{EB3F5C2A-0754-38B8-8722-7B537006BF46}

Microsoft Visual Studio Team System 2008 Development Edition - ENU-->C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual Studio Team System 2008 Development Edition - ENU\setup.exe

Microsoft Visual Studio Web Authoring Component-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall VISUALWEBDEVELOPER /dll OSETUP.DLL

Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools-->MsiExec.exe /X{05EC21B8-4593-3037-A781-A6B5AFFCB19D}

Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries-->MsiExec.exe /X{842FAF7C-50EF-4463-9B8F-6222E1384D7D}

Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense-->MsiExec.exe /X{64c5b887-b5ee-42b8-8596-78905a6b5f1f}

Microsoft Windows SDK for Visual Studio 2008 Tools-->MsiExec.exe /X{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}

Microsoft Windows SDK for Visual Studio 2008 Win32 Tools-->MsiExec.exe /X{B268E9A1-04A9-40D0-9866-846BE2B74BA7}

Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}

Microsoft XNA Framework Redistributable 3.0-->MsiExec.exe /I{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}

Microsoft XNA Game Studio 3.0 (ARP entry)-->MsiExec.exe /I{E1D78366-91DA-4AD0-B417-28155743CC22}

Microsoft XNA Game Studio 3.0 (devenv)-->MsiExec.exe /I{2E402AA9-5C0E-45E7-8E70-C23FA0F265D5}

Microsoft XNA Game Studio 3.0 (Platformer)-->MsiExec.exe /I{007BECB0-17DD-4230-9D2F-185287262B14}

Microsoft XNA Game Studio 3.0 (Redists)-->MsiExec.exe /I{0DC16794-7E69-4534-82FA-9DD0500FF338}

Microsoft XNA Game Studio 3.0 (Shared Components)-->MsiExec.exe /I{AF9BDE67-11A5-449A-B9F0-BE572A093DDB}

Microsoft XNA Game Studio 3.0 (XnaLiveProxy)-->MsiExec.exe /I{DFB81F19-ED3A-4DA5-AFE4-1B999E2A8DC5}

Microsoft XNA Game Studio 3.0 Documentation-->MsiExec.exe /I{7FD30AE7-281D-455F-AF9F-0C6C5E334EAD}

Microsoft XNA Game Studio 3.0-->C:\Program Files\Microsoft XNA\XNA Game Studio\v3.0\Setup\Bootstrapper.exe

Microsoft XNA Game Studio Platform Tools-->MsiExec.exe /I{AC3F9FEE-1A44-4FCE-BD72-BD27D4BC6279}

Mirdir 2.1-->C:\Windows\System32\Uninstal.exe

Mouse Suite for Desktop Computers-->C:\Program Files\InstallShield Installation Information\{448E2D77-E504-4221-B2C2-93646B344729}\setup.exe -runfromtemp -l0x0009 -removeonly

Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

Nullsoft Install System-->"C:\Program Files\NSIS\uninst-nsis.exe"

NUnit 2.4.8-->MsiExec.exe /I{02555039-4DFE-4C9C-902A-6D1E4BB973AF}

NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI

Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe

PDFCreator-->C:\Program Files\PDFCreator\unins000.exe

Python 2.5.2-->MsiExec.exe /I{6B976ADF-8AE8-434E-B282-A06C7F624D2F}

QPlot-->MsiExec.exe /X{38947C13-8FB8-4AAB-9638-F49ADA99B988}

Roxio Activation Module-->MsiExec.exe /I{EC877639-07AB-495C-BFD1-D63AF9140810}

Roxio CinePlayer Decoder Pack-->MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}

Roxio Creator Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}

Roxio Creator Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}

Roxio Creator Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}

Roxio Creator Premier 10-->MsiExec.exe /I{3FB3647F-B6A6-46B4-8613-A09BCFAB80F0}

Roxio Creator Premier-->C:\ProgramData\Uninstall\{469EF13B-4AD0-48D7-AF89-6B92278293E2}\setup.exe /x {469EF13B-4AD0-48D7-AF89-6B92278293E2}

Roxio Creator Premier-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}

Roxio Creator Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}

Roxio Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}

Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}

Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0021-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}

Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}

Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0021-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}

Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}

Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}

Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}

Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}

Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}

Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0021-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}

Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}

Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}

Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}

Slik Subversion 1.5.2 (x86)-->MsiExec.exe /I{9E37ADF5-810C-483D-A70A-8000C728AC2E}

Subversion-->MsiExec.exe /X{79D13EA2-B565-4EC9-BBC4-C286D0421ED5}

Symantec Endpoint Protection-->MsiExec.exe /I{76B2BC31-2D96-4170-9C44-09E13B5555F3}

System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe

TaoFramework 2.1.0-->C:\Program Files\TaoFramework\uninst.exe

TortoiseSVN 1.5.2.13595 (32 bit)-->MsiExec.exe /X{687422AC-40E3-4F48-A816-20DC83F98035}

Tree Surgeon 2.0-->C:\Program Files\Tree Surgeon\uninst.exe

UDPixel_fr.exe-->"C:\Program Files\UDPixel\uninstall.exe"

Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}

Update for Office 2007 (KB946691)-->msiexec /package {90120000-0021-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

Update for Office 2007 (KB946691)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302}

VC Runtimes MSI-->MsiExec.exe /X{FF29527A-44CD-3422-945E-981A13584000}

Visual Studio 2005 Tools for Office Second Edition Runtime-->C:\Program Files\Common Files\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe

Visual Studio Tools for the Office system 3.0 Runtime-->C:\Program Files\Common Files\Microsoft Shared\VSTO\9.0\Visual Studio Tools for the Office system 3.0 Runtime\install.exe

Visual Studio Tools for the Office system 3.0 Runtime-->MsiExec.exe /X{8FB53850-246A-3507-8ADE-0060093FFEA6}

Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}

Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}

Windows Mobile 5.0 SDK R2 for Pocket PC-->MsiExec.exe /I{6C9F6D23-E9AD-43C9-B43A-011562AAF876}

Windows Mobile 5.0 SDK R2 for Smartphone-->MsiExec.exe /I{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}

XPS MiniView Gadget-->MsiExec.exe /I{A73BDB2A-E4A7-4FE8-960E-6A5C8BF76FCB}

 

=====HijackThis Backups=====

 

O2 - BHO: (no name) - {64466B8E-20A7-4A4A-AFF4-AAD9CA68B52C} - C:\Program Files\WebMediaViewer\hpmun.dll (file missing)

 

======Security center information======

 

AV: Symantec Endpoint Protection (disabled)

AS: Symantec Endpoint Protection (disabled)

AS: Windows Defender

 

======Environment variables======

 

"APR_ICONV_PATH"=C:\Program Files\Subversion\iconv

"ComSpec"=%SystemRoot%\system32\cmd.exe

"DependenciesDir"=D:\DevRoot\Dependencies

"DevRoot"=D:\DevRoot

"DFSTRACINGON"=FALSE

"EMC_AUTOPLAY"=C:\Program Files\Common Files\Roxio Shared\

"FP_NO_HOST_CHECK"=NO

"IISU_BIN_DIR"=D:\DevRoot\bin

"NUMBER_OF_PROCESSORS"=4

"OS"=Windows_NT

"PATH"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\DMIX;C:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files\TortoiseSVN\bin;%QTDIR%/bin;C:\Program Files\Graphviz2.20\Bin;C:\Program Files\doxygen\bin;C:\Program Files\Subversion\bin;C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE;C:\Program Files\NSIS

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel

"PROCESSOR_LEVEL"=6

"PROCESSOR_REVISION"=0f0b

"QTDIR"=D:\DevRoot\Dependencies\Qt

"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\

"SBSSERVER"=SOFTMASTER

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat

"USERNAME"=SYSTEM

"VS90COMNTOOLS"=c:\Program Files\Microsoft Visual Studio 9.0\Common7\Tools\

"VSPERFTOOLS_DIR"=C:\Program Files\Microsoft Visual Studio 9.0\Team Tools\Performance Tools\

"windir"=%SystemRoot%

"XNAGSShared"=C:\Program Files\Common Files\Microsoft Shared\XNA\

"XNAGSv3"=C:\Program Files\Microsoft XNA\XNA Game Studio\v3.0\

"SAFEBOOT_OPTION"=NETWORK

 

-----------------EOF-----------------

pear Devil Member !

pear

Posté(e)
Posté(e)

Dans hijackthis, cochez ves lignes puis clic surFixchecked

O9 - Extra 'Tools' menuitem: Explorer Security - {3B8FB116-D358-48A3-A5C7-DB84F15CBB04} - http://www.iexplorsecurity.com/redirect.php (file missing)

O2 - BHO: (no name) - {64466B8E-20A7-4A4A-AFF4-AAD9CA68B52C} - C:\Program Files\WebMediaViewer\hpmun.dll (file missing)

 

Copier/coller ce qui suit dans le bloc notes,

sans ligne blanche au début.

Enregistrez sur le bureau sous regis.reg.

Cliquez droit sur le fichier ->fusionner

Acceptez la modification du Régistre:

 

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64466B8E-20A7-4A4A-AFF4-AAD9CA68B52C}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64466B8E-20A7-4A4A-AFF4-AAD9CA68B52C}]

 

Téléchargez Toolbar-S&D sur le Bureau.

Si vous utilisez Spybot

Pour désactiver TeaTimer qui ne set à rien et peut faire échouer une désinfection:!

Afficher d'abord le Mode Avancé dans SpyBot

->Options Avancées :

- >menu Mode, Mode Avancé.

Une colonne de menus apparaît dans la partie gauche :

- >cliquer sur Outils,

- >cliquer sur Résident,

Dans Résident :

- >décocher Résident "TeaTimer" pour le désactiver.

  • Lancez l'installation du programme en exécutant le fichier téléchargé.
    Redémarrez en mode sans échec
  • Double-cliquez sur le raccourci de Toolbar-S&D.
  • Sélectionnez la langue souhaitée en tapant la lettre de votre choix puis en validant avec la touche Entrée.
  • Choisisssez l'option 1 (Recherche).
  • Patientez jusqu'à la fin de la recherche.
  • Postez le rapport généré. (C:\TB.txt)

 

Relancez Toolbar-S&D en double-cliquant sur le raccourci. Tapez sur "2" et validez par"Entrée".

Ne fermez pas la fenêtre lors de la suppression !

Un rapport sera généré,

postez son contenu ici.

 

NOTE : Si le Bureau ne réapparait pas, appuyer simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.

Allez à l'onglet "Processus". Cliquez en haut à gauche sur Fichier ->"Exécuter..."

Tapez explorer et validez.

 

davidoux Junior Member

davidoux

Posté(e)
  • Auteur
Posté(e)
Relancez Toolbar-S&D en double-cliquant sur le raccourci. Tapez sur "2" et validez par"Entrée".

Ne fermez pas la fenêtre lors de la suppression !

Un rapport sera généré,

postez son contenu ici.

 

[/color]

 

Voici le rapport :

 

 

-----------\\ ToolBar S&D 1.2.6 XP/Vista

 

Microsoft® Windows Vista Ultimate ( v6.0.6001 ) Service Pack 1

X86-based PC ( Multiprocessor Free : Intel® Core2 Quad CPU Q6600 @ 2.40GHz )

BIOS : Phoenix ROM BIOS PLUS Version 1.10 A04

USER : David ( Not Administrator ! )

BOOT : Fail-safe with network boot

Antivirus : Symantec Endpoint Protection 11.0.2000.1253 (Not Activated)

C:\ (Local Disk) - NTFS - Total:195 Go (Free:145 Go)

D:\ (Local Disk) - NTFS - Total:214 Go (Free:181 Go)

E:\ (CD or DVD)

F:\ (USB)

G:\ (USB)

H:\ (Local Disk) - NTFS - Total:14 Go (Free:10 Go)

 

"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )

Option : [1] ( mer. 10/12/2008|17:57 )

 

[ UAC => 0 ]

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

C:\Windows\System32\uninst.exe

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\windows\\system32\\blank.htm"

"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Url"="http://go.microsoft.com/fwlink/?LinkId=44406"

"Url"="http://go.microsoft.com/fwlink/?LinkId=68928"

"Url"="http://go.microsoft.com/fwlink/?LinkId=68929"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"

"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Local Page"="C:\\windows\\system32\\blank.htm"

 

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\PROGRA~2\Microsoft\Windows\Start Menu\Programs\cwRsync\Documentation\ssh_keygen.lnk

 

 

[ UAC => 1 ]

 

 

1 - "C:\ToolBar SD\TB_1.txt" - mer. 10/12/2008|17:58 - Option : [1]

 

-----------\\ Fin du rapport a 17:58:09,04

davidoux Junior Member

davidoux

Posté(e)
  • Auteur
Posté(e)
Relancez Toolbar-S&D en double-cliquant sur le raccourci. Tapez sur "2" et validez par"Entrée".

Ne fermez pas la fenêtre lors de la suppression !

Un rapport sera généré,

postez son contenu ici.

 

 

[/color]

 

Et voila :

 

 

 

-----------\\ ToolBar S&D 1.2.6 XP/Vista

 

Microsoft® Windows Vista Ultimate ( v6.0.6001 ) Service Pack 1

X86-based PC ( Multiprocessor Free : Intel® Core2 Quad CPU Q6600 @ 2.40GHz )

BIOS : Phoenix ROM BIOS PLUS Version 1.10 A04

USER : David ( Not Administrator ! )

BOOT : Fail-safe with network boot

Antivirus : Symantec Endpoint Protection 11.0.2000.1253 (Not Activated)

C:\ (Local Disk) - NTFS - Total:195 Go (Free:145 Go)

D:\ (Local Disk) - NTFS - Total:214 Go (Free:181 Go)

E:\ (CD or DVD)

F:\ (USB)

G:\ (USB)

H:\ (Local Disk) - NTFS - Total:14 Go (Free:10 Go)

 

"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )

Option : [2] ( mer. 10/12/2008|18:01 )

 

[ UAC => 1 ]

 

-----------\\ SUPPRESSION

 

Supprime! - C:\Windows\System32\uninst.exe

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\windows\\system32\\blank.htm"

"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Url"="http://go.microsoft.com/fwlink/?LinkId=44406"

"Url"="http://go.microsoft.com/fwlink/?LinkId=68928"

"Url"="http://go.microsoft.com/fwlink/?LinkId=68929"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Local Page"="C:\\windows\\system32\\blank.htm"

 

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\PROGRA~2\Microsoft\Windows\Start Menu\Programs\cwRsync\Documentation\ssh_keygen.lnk

 

 

[ UAC => 1 ]

 

 

1 - "C:\ToolBar SD\TB_1.txt" - mer. 10/12/2008|17:58 - Option : [1]

2 - "C:\ToolBar SD\TB_2.txt" - mer. 10/12/2008|18:01 - Option : [2]

 

-----------\\ Fin du rapport a 18:01:29,73

pear Devil Member !

pear

Posté(e)
Posté(e)

Je ne vois plus rien d'anormal.

Vous avez écrit que Symantec vous fait problème.

Voulez vous le désinstaller.?

Je pense que vous pourrez le réinstaller si vous y tenez:

Comment désinstaller tous les produits Norton ?

Norton_Removal_Tool.

davidoux Junior Member

davidoux

Posté(e)
  • Auteur
Posté(e)
Je ne vois plus rien d'anormal.

Vous avez écrit que Symantec vous fait problème.

Voulez vous le désinstaller.?

Je pense que vous pourrez le réinstaller si vous y tenez:

Comment désinstaller tous les produits Norton ?

Norton_Removal_Tool.

 

L'uninstaller norton ne fonctionne pas;

 

le norton_removal_tool se lance puis , affiche une fenetre mais il semble bloque .. (apparemment)

peut etre dois je attendre longtemps ?

 

Je confirme que je ne sais tj pas me logger normalement ...

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...