Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Résolu MERCI

Fotomaximus

Par Fotomaximus
dans Analyses et éradication malwares

 Partager

Messages recommandés

Fotomaximus Member

Fotomaximus

Posté(e)
Posté(e) (modifié)

Bonjour

 

J'ai des soucis, un genre lancements difficiles de IE, il semblerait qu'il y en ait 2 en même temps d'ou blocage, des moments ou la souris ne répond plus bien...

J'ai donc exécuté les divers manips Avira et autres et voici mon rapport

La mise à joue Microsft ne se faisant plus avec un message me disant de sélectionner la MAJ auto alors que celle-ci est bien sélectionnés.

 

Alors je vous remercie d'avance de votre aide.

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:44:27, on 24/01/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Memeo\AutoBackup\MemeoService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\BUFFALO\NASNAVI\nassvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe

C:\WINDOWS\system32\PSIService.exe

E:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\atwtusb.exe

E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Program Files\SMSC\Seticon.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\TBLMOUSE.EXE

C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Saitek\Software\Profiler.exe

C:\Program Files\Saitek\Software\SaiSmart.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Memeo\AutoBackup\MemeoBackup.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [setIcon] \Program Files\SMSC\Seticon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "E:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe

O4 - HKLM\..\Run: [saiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [Video File] ldc26.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Fichiers communs\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup

O4 - HKLM\..\RunServices: [Video File] ldc26.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: BUFFALO NAS Navigator.lnk = C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe

O4 - Startup: Memeo AutoBackup Launcher.lnk = C:\Program Files\Memeo\AutoBackup\MemeoLauncher.exe

O4 - Startup: NAS Scheduler.lnk = C:\Program Files\BUFFALO\NASNAVI\nassche.exe

O4 - Global Startup: Logo Calibration Loader.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: ProfileReminder.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe

O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm

O8 - Extra context menu item: Ajouter au fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll

O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: http://www.redshift.maris.com

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwared...on_2_0_4_10.cab

O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - http://www.photodex.com/pxplay.cab

O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.1.6.cab

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)

O23 - Service: MEMEOI~1|Memeo AutoBackup (BMUService) - Memeo - C:\Program Files\Memeo\AutoBackup\MemeoService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NAS PM Service (NasPmService) - BUFFALO INC. - C:\Program Files\BUFFALO\NASNAVI\nassvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

O23 - Service: ScsiAccess - Unknown owner - E:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe

 

--

End of file - 14340 bytes

Modifié par Fotomaximus

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Bonsoir, :P

 

Messages : 1

Si jamais tu as besoin de quelques infos :

Comment participer à un forum

Retrouver ses messages

 

 

Relance HijackThis, clique sur "Do a system scan only" puis coche ceci et clique sur le bouton "Fix checked", en bas à gauche :

O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.1.6.cab

 

Télécharge Malwarebytes' Anti-Malware (MBAM)

 

  • Double clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
  • Sélectionne "Exécuter un examen rapide"
  • Clique sur "Rechercher"
  • L'analyse démarre, le scan est relativement long, c'est normal.
  • A la fin de l'analyse, un message s'affiche :
    L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
    Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
    Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

 

NB : Si MBAM te demande à redémarrer, fais-le.

Fotomaximus Member

Fotomaximus

Posté(e)
  • Auteur
Posté(e)

Voilà c'est fait.

Merci de ton aide...

 

Malwarebytes' Anti-Malware 1.33

Version de la base de données: 1690

Windows 5.1.2600 Service Pack 3

 

25/01/2009 02:05:06

mbam-log-2009-01-25 (02-05-06).txt

 

Type de recherche: Examen rapide

Eléments examinés: 62474

Temps écoulé: 5 minute(s), 13 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 2

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

C:\WINDOWS\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Et deux de moins. :P

 

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

  • Double-clique sur RSIT.exe afin de lancer RSIT.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché) ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  • NB : Les rapports sont sauvegardés dans le dossier C:\rsit
    Ca fait deux rapports donc. :P

Fotomaximus Member

Fotomaximus

Posté(e)
  • Auteur
Posté(e)

Les voici, cela te fait de la lecture .......

 

Logfile of random's system information tool 1.05 (written by random/random)

Run by Al at 2009-01-25 13:48:20

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 9 GB (6%) free of 153 GB

Total RAM: 3071 MB (78% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:48:26, on 25/01/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18241)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Memeo\AutoBackup\MemeoService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\BUFFALO\NASNAVI\nassvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe

C:\WINDOWS\system32\PSIService.exe

E:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\atwtusb.exe

E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Program Files\SMSC\Seticon.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\TBLMOUSE.EXE

C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

E:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Saitek\Software\Profiler.exe

C:\Program Files\Saitek\Software\SaiSmart.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Fichiers communs\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE

C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Memeo\AutoBackup\MemeoBackup.exe

c:\program files\fichiers communs\installshield\updateservice\isuspm.exe

C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\agent.exe

C:\Program Files\IncrediMail\bin\IMApp.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Al\Local Settings\Temporary Internet Files\Content.IE5\EGLNRFBX\RSIT[1].exe

C:\Program Files\Trend Micro\HijackThis\Al.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [setIcon] \Program Files\SMSC\Seticon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "E:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe

O4 - HKLM\..\Run: [saiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [Video File] ldc26.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Fichiers communs\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup

O4 - HKLM\..\RunServices: [Video File] ldc26.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: BUFFALO NAS Navigator.lnk = C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe

O4 - Startup: Memeo AutoBackup Launcher.lnk = C:\Program Files\Memeo\AutoBackup\MemeoLauncher.exe

O4 - Startup: NAS Scheduler.lnk = C:\Program Files\BUFFALO\NASNAVI\nassche.exe

O4 - Global Startup: Logo Calibration Loader.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: ProfileReminder.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe

O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm

O8 - Extra context menu item: Ajouter au fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll

O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: http://www.redshift.maris.com

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwared...on_2_0_4_10.cab

O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - http://www.photodex.com/pxplay.cab

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)

O23 - Service: MEMEOI~1|Memeo AutoBackup (BMUService) - Memeo - C:\Program Files\Memeo\AutoBackup\MemeoService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NAS PM Service (NasPmService) - BUFFALO INC. - C:\Program Files\BUFFALO\NASNAVI\nassvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

O23 - Service: ScsiAccess - Unknown owner - E:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe

 

--

End of file - 15325 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\HPpromotions journeysoftware.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{97A10ED4-7245-475B-B83B-51000F2468F6}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-07-12 308856]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-12 320920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-21 251504]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

Adobe PDF Conversion Toolbar Helper - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-21 657904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-12 34816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-12 73728]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-21 251504]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]

"Adobe_ID0EYTHM"=C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]

"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

"atwtusb"=atwtusb.exe beta []

"Acrobat Assistant 8.0"=E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-10-14 623992]

"SetIcon"=\Program Files\SMSC\Seticon.exe [2004-04-02 46080]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-12 136600]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]

"nwiz"=nwiz.exe /install []

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-06-29 14720000]

"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-08-09 221184]

"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-08-09 81920]

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

"Adobe Photo Downloader"=E:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe [2008-04-01 61440]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

"Profiler"=C:\Program Files\Saitek\Software\Profiler.exe [2004-07-20 159744]

"SaiSmart"=C:\Program Files\Saitek\Software\SaiSmart.exe [2004-07-20 98304]

"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-11-02 167936]

"Video File"=ldc26.exe []

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

"Corel Photo Downloader"=C:\Program Files\Fichiers communs\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [2007-08-28 531272]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-04-21 94208]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-10-27 68856]

"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [2005-01-19 405583]

"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2007-08-20 495616]

"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488]

"AdobeBridge"= []

"MsgCenterExe"=C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe [2008-07-12 69632]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Logo Calibration Loader.lnk - C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe

Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

ProfileReminder.lnk - C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe

 

C:\Documents and Settings\Al\Menu Démarrer\Programmes\Démarrage

BUFFALO NAS Navigator.lnk - C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe

Memeo AutoBackup Launcher.lnk - C:\Program Files\Memeo\AutoBackup\MemeoLauncher.exe

NAS Scheduler.lnk - C:\Program Files\BUFFALO\NASNAVI\nassche.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe"="C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"

"C:\WINDOWS\Temp\NavBrowser.exe"="C:\WINDOWS\Temp\NavBrowser.exe:*:Enabled:NAVBrowser"

"E:\Program Files\e-on software\Vue 6 xStream\Application\Vue 6 xStream.eon"="E:\Program Files\e-on software\Vue 6 xStream\Application\Vue 6 xStream.eon:*:Enabled:Vue 6 xStream"

"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"

"E:\Program Files\Jeux\EA GAMES\MOHDA\MOHAA.exe"="E:\Program Files\Jeux\EA GAMES\MOHDA\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault"

"E:\Program Files\Jeux\EA GAMES\MOHDA\moh_spearhead.exe"="E:\Program Files\Jeux\EA GAMES\MOHDA\moh_spearhead.exe:*:Enabled:Medal of Honor Allied Assault Spearhead"

"E:\Program Files\Jeux\EA GAMES\MOHDA\moh_Breakthrough.exe"="E:\Program Files\Jeux\EA GAMES\MOHDA\moh_Breakthrough.exe:*:Enabled:Medal of Honor Allied Assault Breakthrough"

"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"

"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application"

"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare"

"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"

"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"

"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"

"C:\Documents and Settings\Al\Local Settings\Temporary Internet Files\Content.IE5\E6N4090Y\incredimail_install[1].exe"="C:\Documents and Settings\Al\Local Settings\Temporary Internet Files\Content.IE5\E6N4090Y\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"

"C:\Documents and Settings\Al\Local Settings\Temp\32exmdnk30.exe"="C:\Documents and Settings\Al\Local Settings\Temp\32exmdnk30.exe:*:Disabled:32exmdnk30"

"E:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe"="E:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator"

"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"

"E:\Program Files\Activision Value\Soldier of Fortune Payback\sof3.exe"="E:\Program Files\Activision Value\Soldier of Fortune Payback\sof3.exe:*:Enabled:sof3"

"C:\Documents and Settings\Al\Local Settings\Temp\86exmdnk35.exe"="C:\Documents and Settings\Al\Local Settings\Temp\86exmdnk35.exe:*:Disabled:86exmdnk35"

"C:\Program Files\Opera\Opera.exe"="C:\Program Files\Opera\Opera.exe:*:Enabled:Opera Internet Browser"

"E:\Program Files\e-on software\VUE5 infinite\Application\Vue 5 Infinite.eon"="E:\Program Files\e-on software\VUE5 infinite\Application\Vue 5 Infinite.eon:*:Enabled:Vue 5 Infinite"

"E:\Program Files\e-on software\Vue 5 Infinite\Application\Vue 5 Infinite.eon"="E:\Program Files\e-on software\Vue 5 Infinite\Application\Vue 5 Infinite.eon:*:Enabled:Vue 5 Infinite"

"C:\Documents and Settings\Al\Local Settings\Temp\79exmdnk42.exe"="C:\Documents and Settings\Al\Local Settings\Temp\79exmdnk42.exe:*:Disabled:79exmdnk42"

"C:\Documents and Settings\Al\Local Settings\Temp\80exmdnk42.exe"="C:\Documents and Settings\Al\Local Settings\Temp\80exmdnk42.exe:*:Disabled:80exmdnk42"

"C:\Documents and Settings\Al\Local Settings\Temp\96exmdnk42.exe"="C:\Documents and Settings\Al\Local Settings\Temp\96exmdnk42.exe:*:Disabled:96exmdnk42"

"C:\Program Files\BitDownload\BitDownload.exe"="C:\Program Files\BitDownload\BitDownload.exe:*:Enabled:Torrent P2P application"

"C:\Documents and Settings\Al\Local Settings\Temp\11exmdnk42.exe"="C:\Documents and Settings\Al\Local Settings\Temp\11exmdnk42.exe:*:Disabled:11exmdnk42"

"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"

"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

"C:\Documents and Settings\Al\Local Settings\Temp\97exmdnk43.exe"="C:\Documents and Settings\Al\Local Settings\Temp\97exmdnk43.exe:*:Disabled:97exmdnk43"

"C:\Documents and Settings\Al\Local Settings\Temp\49exmdnk43.exe"="C:\Documents and Settings\Al\Local Settings\Temp\49exmdnk43.exe:*:Disabled:49exmdnk43"

"C:\Program Files\IncrediMail\bin\ImLc.exe"="C:\Program Files\IncrediMail\bin\ImLc.exe:*:Enabled:IncrediMail"

"C:\Program Files\IncrediMail\bin\ImPackr.exe"="C:\Program Files\IncrediMail\bin\ImPackr.exe:*:Enabled:IncrediMail"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

"E:\Program Files\Microsoft Games\Flight Simulator 9\FS9-1NoCD.EXE"="E:\Program Files\Microsoft Games\Flight Simulator 9\FS9-1NoCD.EXE:*:Enabled:Microsoft Flight Simulator"

"C:\Program Files\Kanopea Antispam\kaapp.exe"="C:\Program Files\Kanopea Antispam\kaapp.exe:*:Disabled:Kanopea Antispam Application"

"C:\Documents and Settings\Al\Local Settings\Temp\11exmdnk30.exe"="C:\Documents and Settings\Al\Local Settings\Temp\11exmdnk30.exe:*:Disabled:11exmdnk30"

"C:\Documents and Settings\Al\Local Settings\Temp\17exmdnk42.exe"="C:\Documents and Settings\Al\Local Settings\Temp\17exmdnk42.exe:*:Disabled:17exmdnk42"

"C:\Documents and Settings\Al\Local Settings\Temp\32exmdnk36.exe"="C:\Documents and Settings\Al\Local Settings\Temp\32exmdnk36.exe:*:Disabled:32exmdnk36"

"C:\Documents and Settings\Al\Local Settings\Temp\45exmdnk36.exe"="C:\Documents and Settings\Al\Local Settings\Temp\45exmdnk36.exe:*:Disabled:45exmdnk36"

"C:\Documents and Settings\Al\Local Settings\Temp\54exmdnk42.exe"="C:\Documents and Settings\Al\Local Settings\Temp\54exmdnk42.exe:*:Disabled:54exmdnk42"

"C:\Documents and Settings\Al\Local Settings\Temp\55exmdnk43.exe"="C:\Documents and Settings\Al\Local Settings\Temp\55exmdnk43.exe:*:Disabled:55exmdnk43"

"C:\Documents and Settings\Al\Local Settings\Temp\76exmdnk42.exe"="C:\Documents and Settings\Al\Local Settings\Temp\76exmdnk42.exe:*:Disabled:76exmdnk42"

"C:\Documents and Settings\Al\Local Settings\Temp\92exmdnk33.exe"="C:\Documents and Settings\Al\Local Settings\Temp\92exmdnk33.exe:*:Disabled:92exmdnk33"

"C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Disabled:Magentic"

"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Disabled:Magentic"

"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Disabled:Magentic"

"C:\Program Files\SPAMfighter\SPAMCFG.exe"="C:\Program Files\SPAMfighter\SPAMCFG.exe:*:Enabled:Paramètres"

"C:\Program Files\Ultra Fractal 4\Uf4.exe"="C:\Program Files\Ultra Fractal 4\Uf4.exe:*:Enabled:Ultra Fractal 4"

"C:\Program Files\Activision Value\Battle for the Pacific\bftp.exe"="C:\Program Files\Activision Value\Battle for the Pacific\bftp.exe:*:Disabled:bftp"

"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe"="C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe:*:Enabled:Medal of Honor Airborne"

"E:\Program Files\e-on software\Application\Vue 5 Infinite.eon"="E:\Program Files\e-on software\Application\Vue 5 Infinite.eon:*:Enabled:Vue 5 Infinite"

"C:\Documents and Settings\Al\Mes documents\Temp\Jeux\nexuiz-242\Nexuiz\nexuiz.exe"="C:\Documents and Settings\Al\Mes documents\Temp\Jeux\nexuiz-242\Nexuiz\nexuiz.exe:*:Enabled:Nexuiz"

"E:\Program Files\Jeux\MAIET\Gunz\GunzLauncher.exe"="E:\Program Files\Jeux\MAIET\Gunz\GunzLauncher.exe:*:Enabled:GunzLauncher"

"C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe"="C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator"

"E:\Program Files\Microsoft Games\FS9\fs9.exe"="E:\Program Files\Microsoft Games\FS9\fs9.exe:*:Enabled:Microsoft Flight Simulator"

"C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty® - World at War"

"C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty® - World at War"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"

"C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe"="C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe:*:Enabled:BUFFALO NASNavigator2"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{673e5658-c981-11dc-8579-0014856896d0}]

shell\Auto\command - AdobeR.exe e

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

 

 

======File associations======

 

.js - open - "E:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

.reg - open - regedit.exe "%1" %*

.scr - open - "%1" %*

 

======List of files/folders created in the last 1 months======

 

2009-01-25 13:48:20 ----D---- C:\rsit

2009-01-25 02:25:05 ----HDC---- C:\WINDOWS\ie8

2009-01-24 15:46:48 ----D---- C:\Program Files\Avira

2009-01-24 15:46:48 ----D---- C:\Documents and Settings\All Users\Application Data\Avira

2009-01-24 08:56:54 ----D---- C:\Program Files\Trend Micro

2009-01-19 09:18:08 ----A---- C:\WINDOWS\ntbtlog.txt

2009-01-18 16:27:00 ----D---- C:\Program Files\splus

2009-01-18 03:04:42 ----A---- C:\WINDOWS\system32\wpcap.dll

2009-01-18 03:04:42 ----A---- C:\WINDOWS\system32\packet.dll

2009-01-17 16:15:41 ----D---- C:\Program Files\Fichiers communs\Corel

2009-01-17 15:43:25 ----D---- C:\Documents and Settings\Al\Application Data\Corel

2009-01-17 15:43:17 ----D---- C:\Documents and Settings\All Users\Application Data\Corel

2009-01-17 14:49:59 ----A---- C:\WINDOWS\WD120VM.DLL

2009-01-17 14:49:59 ----A---- C:\WINDOWS\WD120TEST.DLL

2009-01-17 14:49:59 ----A---- C:\WINDOWS\WD120STD.DLL

2009-01-17 14:49:59 ----A---- C:\WINDOWS\WD120IMG2.DLL

2009-01-17 14:49:59 ----A---- C:\WINDOWS\WD120IMG.DLL

2009-01-17 14:49:59 ----A---- C:\WINDOWS\WD120CPL.DLL

2009-01-17 14:49:59 ----A---- C:\WINDOWS\WD120COM.DLL

2009-01-17 06:21:15 ----D---- C:\Battle of Britain II

2009-01-17 06:14:04 ----A---- C:\tmp_err.txt

2009-01-17 06:14:04 ----A---- C:\bob_err.txt

2009-01-16 03:03:43 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$

2009-01-04 19:14:37 ----D---- C:\Program Files\Nufsoft

2009-01-04 10:29:37 ----D---- C:\Program Files\DVD Audio Extractor

2009-01-04 08:31:44 ----D---- C:\Documents and Settings\All Users\Application Data\Fallout3

2009-01-04 08:29:53 ----D---- C:\WINDOWS\system32\xlive

2009-01-02 19:06:55 ----D---- C:\Program Files\PowerISO

2009-01-02 10:56:50 ----D---- C:\Documents and Settings\Al\Application Data\FastStone

2009-01-01 12:46:22 ----D---- C:\~QTWTMP.TMP

2009-01-01 12:38:13 ----A---- C:\WINDOWS\DIAMAR.INI

2009-01-01 12:37:13 ----A---- C:\WINDOWS\uninst.exe

2008-12-30 22:29:52 ----A---- C:\WINDOWS\system32\REnum.exe

2008-12-30 22:29:51 ----A---- C:\WINDOWS\system32\SAIKICK.dll

2008-12-30 22:29:51 ----A---- C:\WINDOWS\system32\SAIHOOK.dll

2008-12-30 22:29:51 ----A---- C:\WINDOWS\system32\SAICFG.dll

2008-12-30 22:29:51 ----A---- C:\WINDOWS\system32\PrfAct.exe

2008-12-30 22:29:51 ----A---- C:\WINDOWS\system32\Nx.exe

2008-12-30 22:29:43 ----D---- C:\Program Files\Saitek

2008-12-30 22:29:43 ----A---- C:\WINDOWS\system32\atl70.dll

2008-12-30 22:26:50 ----RA---- C:\WINDOWS\system32\immpid.dll

2008-12-30 22:26:49 ----RA---- C:\WINDOWS\system32\immcpl.dll

2008-12-30 22:26:49 ----RA---- C:\WINDOWS\system32\imm_fre.dll

2008-12-30 22:26:49 ----RA---- C:\WINDOWS\system32\IFC23.dll

2008-12-30 22:26:48 ----RA---- C:\WINDOWS\system32\SaiFFB5.dll

2008-12-30 20:10:34 ----D---- C:\Program Files\BUFFALO

2008-12-30 20:09:49 ----D---- C:\Program Files\Memeo

2008-12-30 20:09:49 ----D---- C:\Documents and Settings\All Users\Application Data\Tanagra

2008-12-28 11:45:23 ----D---- C:\Documents and Settings\All Users\Application Data\DxO_Labs

2008-12-28 10:57:19 ----A---- C:\WINDOWS\system32\tsccvid.dll

2008-12-28 10:56:55 ----D---- C:\Program Files\XviD

2008-12-27 12:04:22 ----A---- C:\WINDOWS\RUN32TEST.DLL

2008-12-27 12:04:21 ----A---- C:\WINDOWS\RUN327.DLL

2008-12-27 12:04:20 ----A---- C:\WINDOWS\RUN326.DLL

2008-12-27 12:04:19 ----A---- C:\WINDOWS\RUN325.DLL

2008-12-27 12:04:17 ----A---- C:\WINDOWS\RUN324.DLL

2008-12-27 12:04:16 ----A---- C:\WINDOWS\RUN323.DLL

2008-12-27 12:04:12 ----A---- C:\WINDOWS\RUN322.DLL

2008-12-27 12:04:11 ----A---- C:\WINDOWS\RUN321.DLL

2008-12-27 08:41:52 ----A---- C:\WINDOWS\Adobe Photoshop CS4 Extended x32 and x64 with Activation_crack_multilanguage_tested_ok.exe

 

======List of files/folders modified in the last 1 months======

 

2009-01-25 13:48:25 ----D---- C:\WINDOWS\Prefetch

2009-01-25 12:15:32 ----D---- C:\WINDOWS\Temp

2009-01-25 12:12:19 ----D---- C:\WINDOWS

2009-01-25 09:25:59 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2009-01-25 09:24:14 ----D---- C:\WINDOWS\system32\Lang

2009-01-25 09:24:06 ----D---- C:\WINDOWS\system32

2009-01-25 03:49:35 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-01-25 02:32:51 ----SD---- C:\WINDOWS\Tasks

2009-01-25 02:29:06 ----D---- C:\WINDOWS\system32\fr-fr

2009-01-25 02:29:05 ----RSHDC---- C:\WINDOWS\system32\dllcache

2009-01-25 02:29:05 ----HD---- C:\WINDOWS\inf

2009-01-25 02:29:05 ----D---- C:\WINDOWS\Media

2009-01-25 02:29:05 ----D---- C:\WINDOWS\Help

2009-01-25 02:29:05 ----D---- C:\Program Files\Internet Explorer

2009-01-25 02:27:30 ----D---- C:\WINDOWS\system32\CatRoot2

2009-01-25 02:22:47 ----D---- C:\WINDOWS\Debug

2009-01-25 01:56:09 ----SD---- C:\WINDOWS\Downloaded Program Files

2009-01-25 01:54:47 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater

2009-01-24 19:27:35 ----A---- C:\WINDOWS\aiptbl.ini

2009-01-24 15:46:51 ----D---- C:\WINDOWS\system32\drivers

2009-01-24 15:46:48 ----RD---- C:\Program Files

2009-01-19 19:06:48 ----D---- C:\Documents and Settings\Al\Application Data\Mozilla

2009-01-19 09:15:13 ----D---- C:\Documents and Settings\Al\Application Data\Adobe

2009-01-19 09:08:26 ----SHD---- C:\WINDOWS\Installer

2009-01-19 09:08:26 ----HD---- C:\Config.Msi

2009-01-18 15:43:52 ----D---- C:\WINDOWS\WinSxS

2009-01-18 15:11:46 ----D---- C:\Documents and Settings\Al\Application Data\uTorrent

2009-01-18 04:54:47 ----D---- C:\Documents and Settings\Al\Application Data\bibble

2009-01-18 03:07:53 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP

2009-01-17 17:03:09 ----D---- C:\Program Files\Adobe

2009-01-17 17:00:05 ----D---- C:\Program Files\Fichiers communs\Adobe

2009-01-17 16:46:16 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe

2009-01-17 16:15:41 ----D---- C:\Program Files\Fichiers communs

2009-01-17 15:33:39 ----D---- C:\Documents and Settings\Al\Application Data\U3

2009-01-17 14:32:30 ----D---- C:\Program Files\DOFMaster

2009-01-17 11:04:15 ----D---- C:\WINDOWS\system

2009-01-17 09:45:00 ----D---- C:\Program Files\Ultra Fractal 4

2009-01-17 09:33:58 ----RSD---- C:\WINDOWS\Fonts

2009-01-17 09:13:33 ----D---- C:\Lop SD

2009-01-17 08:10:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2009-01-17 03:31:17 ----D---- C:\Program Files\eMule

2009-01-16 03:03:13 ----HD---- C:\WINDOWS\$hf_mig$

2009-01-15 17:43:20 ----D---- C:\Program Files\CCleaner

2009-01-10 19:54:39 ----ASD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2009-01-10 19:54:39 ----AHD---- C:\Program Files\WindowsUpdate

2009-01-10 19:54:39 ----AD---- C:\Program Files\Outlook Express

2009-01-10 19:54:39 ----AD---- C:\Program Files\Fichiers communs\Microsoft Shared

2009-01-10 02:35:28 ----A---- C:\WINDOWS\system32\MRT.exe

2009-01-04 08:31:51 ----HD---- C:\Program Files\InstallShield Installation Information

2009-01-04 08:31:43 ----D---- C:\WINDOWS\system32\DirectX

2009-01-04 08:31:21 ----RSD---- C:\WINDOWS\assembly

2009-01-04 08:08:14 ----A---- C:\WINDOWS\NeroDigital.ini

2009-01-02 19:37:18 ----D---- C:\Program Files\WinRAR

2009-01-01 13:50:57 ----D---- C:\Program Files\Microsoft Games

2009-01-01 13:40:26 ----SD---- C:\Documents and Settings\Al\Application Data\Microsoft

2008-12-31 17:39:26 ----A---- C:\WINDOWS\NAVIGMA.INI

2008-12-30 22:26:47 ----D---- C:\WINDOWS\system32\ReinstallBackups

2008-12-27 08:43:35 ----A---- C:\WINDOWS\SP96.DLL

2008-12-27 08:43:35 ----A---- C:\WINDOWS\SP53.DLL

2008-12-27 08:43:35 ----A---- C:\WINDOWS\SP44.DLL

2008-12-27 08:43:34 ----A---- C:\WINDOWS\WD120OLE.DLL

2008-12-27 08:43:34 ----A---- C:\WINDOWS\SP88.DLL

2008-12-27 08:43:33 ----A---- C:\WINDOWS\WD120OBJ.DLL

2008-12-27 08:43:05 ----A---- C:\WINDOWS\SP86.DLL

2008-12-27 08:42:30 ----A---- C:\WINDOWS\SP45.DLL

2008-12-27 08:42:28 ----A---- C:\WINDOWS\SP25.DLL

2008-12-27 08:42:27 ----A---- C:\WINDOWS\SP12.DLL

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]

R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]

R1 sonypvf2;sonypvf2; C:\WINDOWS\system32\drivers\sonypvf2.sys [2003-08-20 635012]

R1 sonypvt2;sonypvt2; C:\WINDOWS\system32\drivers\sonypvt2.sys [2003-08-20 431236]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]

R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS []

R2 PDIHWCTL;PDIHWCTL; \??\C:\WINDOWS\system32\drivers\pdihwctl.sys []

R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []

R3 E100B;Intel® PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-03-05 157696]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]

R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]

R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]

R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-06-29 3173888]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]

R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]

R3 P1120VID;Creative WebCam NX Ultra; C:\WINDOWS\system32\DRIVERS\P1120Vid.sys [2004-01-12 1252474]

R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-10-27 47360]

R3 SaiMini;SaiMini; C:\WINDOWS\system32\DRIVERS\SaiMini.sys [2004-07-20 15616]

R3 SaiNtBus;SaiNtBus; C:\WINDOWS\system32\drivers\SaiNtBus.sys [2004-07-20 26752]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []

S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]

S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-12-05 2782208]

S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]

S3 catchme;catchme; \??\C:\DOCUME~1\Al\LOCALS~1\Temp\catchme.sys []

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []

S3 eyeonedp;eye-one display; C:\WINDOWS\system32\DRIVERS\eyeonedp.sys [2006-01-30 44344]

S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]

S3 i1display;i1 Display; C:\WINDOWS\System32\Drivers\i1display.sys [2004-10-15 44344]

S3 imhidusb;Immersion's HID USB Driver; C:\WINDOWS\system32\DRIVERS\imhidusb.sys [2004-08-16 30984]

S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys [2009-01-18 42512]

S3 SaiHFFB5;SaiHFFB5; C:\WINDOWS\system32\DRIVERS\SaiHFFB5.sys [2004-08-16 56576]

S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2004-06-28 42752]

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-03-02 32128]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]

R2 BMUService;MEMEOI~1|Memeo AutoBackup; C:\Program Files\Memeo\AutoBackup\MemeoService.exe [2007-04-07 31768]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]

R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]

R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-25 168432]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-12 152984]

R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]

R2 NasPmService;NAS PM Service; C:\Program Files\BUFFALO\NASNAVI\nassvc.exe [2008-02-29 245760]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]

R2 PnkBstrA;PunkBuster; C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe [2007-08-15 63040]

R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]

R2 ScsiAccess;ScsiAccess; E:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe [2007-12-18 181312]

R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-25 655624]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]

S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe []

S2 P1C1394;Phase One 1394 Camera Driver; C:\WINDOWS\System32\Drivers\p1c1394.sys []

S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-10-27 72704]

S3 Adobe Version Cue CS3;Adobe Version Cue CS3 {fr_FR} ; C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]

S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 

-----------------EOF-----------------

 

 

info.txt logfile of random's system information tool 1.05 2009-01-25 13:48:31

 

======Uninstall list======

 

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL

-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\NewSoft\Presto! BizCard Fre\Uninst.isu" -c"C:\WINDOWS\StiRegstFre.dll"

-->C:\WINDOWS\uninst.exe -f"e:\program files\Cours photo\DeIsL1.isu"

-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL

-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL

-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL

-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL

-->C:\WINDOWS\UNRecode.exe /UNINSTALL

-->MsiExec /X{65F1CF63-31E0-450B-96F3-4A88BE7361A6}

-->MsiExec.exe /X{57922B53-02D4-4DFC-AC24-A3519DC1F49A}

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

55mm v5 for Adobe Photoshop & Compatible Applications-->C:\WINDOWS\unvise32.exe E:\PROGRAM FILES\ADOBE\ADOBE PHOTOSHOP CS3\MODULES EXTERNES\55mm_v5_uninstal.log

ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}

Adobe After Effects CS3 Presets-->MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}

Adobe After Effects CS3 Third Party Content-->MsiExec.exe /I{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}

Adobe After Effects CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\5d83aea83f5009a0d267d337e3f55fe\Setup.exe

Adobe After Effects CS3-->MsiExec.exe /I{EB0202F7-016A-410C-ADE4-40F848CCC661}

Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}

Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}

Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

Adobe Bridge 1.0-->MsiExec.exe /I{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}

Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}

Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}

Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}

Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}

Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}

Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}

Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}

Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}

Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}

Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}

Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}

Adobe Creative Suite 3 Design Premium-->MsiExec.exe /I{B1EF7B00-8FCC-4209-BFB6-37C50B354B2A}

Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}

Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

Adobe Dreamweaver CS3-->MsiExec.exe /I{4BDB76C6-902E-41D5-9064-68768E02886B}

Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}

Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}

Adobe Flash CS3-->MsiExec.exe /I{80FD3971-8482-49C8-BA8C-B6464A15882F}

Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Flash Video Encoder-->MsiExec.exe /I{1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}

Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}

Adobe Help Center 2.0-->MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}

Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}

Adobe Illustrator CS3-->MsiExec.exe /I{6E08CE13-C2AB-4749-9335-5900B958929E}

Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}

Adobe InDesign CS3-->MsiExec.exe /I{FE8327F9-3AC1-4586-8C7E-3DEE2BC92441}

Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}

Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}

Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}

Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}

Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}

Adobe Photoshop Lightroom 2.2-->MsiExec.exe /I{A4EE4223-98B1-4874-BA6E-E8A574F9C0FF}

Adobe Premiere Pro 2.0-->msiexec /I {FA17A726-B229-4116-B793-A2AB1A4EAE2E}

Adobe Premiere Pro CS3 Functional Content-->MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}

Adobe Premiere Pro CS3 Third Party Content-->MsiExec.exe /I{485ACF57-F364-440A-8496-E1E81C8FA1AA}

Adobe Premiere Pro CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\32fdd767b4383606e8168e834af5d90\Setup.exe

Adobe Premiere Pro CS3-->MsiExec.exe /I{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}

Adobe Setup-->MsiExec.exe /I{84D58782-A2F0-47D4-A557-3041363893CF}

Adobe Setup-->MsiExec.exe /I{9D3F3D5A-BE6D-48C4-B51E-E2D6753ABCDE}

Adobe Setup-->MsiExec.exe /I{BB81360F-041C-4CF7-B15E-71380D154244}

Adobe Setup-->MsiExec.exe /I{F1C9C7F7-0D56-40B2-A276-152762D39BCA}

Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}

Adobe Soundbooth CS3 Codecs-->MsiExec.exe /I{0327FA9D-975C-448C-A086-577D57BB25B8}

Adobe Soundbooth CS3-->C:\Program Files\Fichiers communs\Adobe\Installers\a2d19e6e015da53f697cb97ae89ca85\Setup.exe

Adobe Soundbooth CS3-->MsiExec.exe /I{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}

Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1437-443D-B06E-79A00FE45110}

Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}

Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}

Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}

Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}

Adobe Version Cue CS3 Server-->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}

Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}

Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}

Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}

Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}

AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}

Aeroworx Beechcraft Super King Air B200-->C:\WINDOWS\iun6002.exe "E:\Program Files\Microsoft Games\Flight Simulator 9\Aeroworx\irunin.ini"

AGEIA PhysX v7.07.09-->MsiExec.exe /X{65F1CF63-31E0-450B-96F3-4A88BE7361A6}

AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}

Airbus A319 - 111-->E:\Program Files\Microsoft Games\Flight Simulator 9\Désinstaller Airbus A319 - 111.exe

Airbus A380-800 Palestinian Airlines-->E:\Program Files\Microsoft Games\Flight Simulator 9\Désinstaller Airbus A380-800 Palestinian Airlines.exe

Airbus Pro Pack V2.0-->E:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe

Ajouter ou supprimer Adobe Creative Suite 3 Design Premium-->C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\Setup.exe

Alien Skin Xenofex 2.0 Demo-->E:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\ALIENS~1\Unwise32.exe E:\PROGRA~1\Adobe\ADOBEP~1\MODULE~1\ALIENS~1\INSTALL.LOG

Analyseur et SDK MSXML 4.0 SP2-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}

Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe

ATR42-500-->E:\Program Files\Microsoft Games\Flight Simulator 9\ATR42-500.exe

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

Battle for the Pacific-->MsiExec.exe /X{3C6DDE5E-EAF8-4651-9951-ED591F6A8510}

Battle of Britain II-->E:\PROGRA~1\MICROS~1\BATTLE~1\UNWISE.EXE E:\PROGRA~1\MICROS~1\BATTLE~1\tempwp.log

Beechcraft C-45G "Expediter" USAF-->E:\Program Files\Microsoft Games\Flight Simulator 9\Désinstaller_Beechcraft_C-45G-1.exe

Beechcraft King Air Blackhawk C90BXP-->E:\Program Files\Microsoft Games\Flight Simulator 9\Beechcraft King Air Blackhawk C90BXP.exe

Bibble Pro-->C:\WINDOWS\unvise32.exe E:\Program Files\Bibble Labs\Prouninstal.log

Boeing 747-400 JAL CARGO-->E:\Program Files\Microsoft Games\Flight Simulator 9\Désinstaller Boeing 747-400 JAL CARGO.exe

Boeing 767-300ER-->E:\Program Files\Microsoft Games\Flight Simulator 9\Désinstaller Boeing 767-300ER.exe

Boeing 767-400 World Tour-->E:\Program Files\Microsoft Games\Flight Simulator 9\Désinstaller Boeing 767-400 World Tour.exe

Boeing F/A 18E Super Hornet-->E:\Program Files\Microsoft Games\Flight Simulator 9\Désinstaller Boeing F-A 18E Super Hornet.exe

Boeing iFly747-400-->E:\Program Files\Microsoft Games\Flight Simulator 9\Boeing iFly747-400.exe

Bombardier CRJ-200 Air France-->E:\Program Files\Microsoft Games\Flight Simulator 9\Désinstaller Bombardier CRJ-200 Air France.exe

Bombardier CRJ-900 House Colours-->E:\Program Files\Microsoft Games\Flight Simulator 9\Désinstaller Bombardier CRJ-900 House Colours.exe

Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}

BUFFALO LinkStation(LS-WTGL/R1) Setup Guide-->C:\WINDOWS\UN080307.EXE /U

BUFFALO NAS Navigator-->C:\WINDOWS\UN060501.EXE /U

Call of Duty® - World at War-->C:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x040c

Call of Duty® 4 - Modern Warfare-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c

Call of Duty-->E:\PROGRA~1\Jeux\CALLOF~2\Uninstall\Unwise.exe /u E:\PROGRA~1\Jeux\CALLOF~2\Uninstall\Install.log

Canon Camera Access Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"

Canon Camera Support Core Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"

Canon G.726 WMP-Decoder-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"

Canon i865-->C:\WINDOWS\system32\CNMCP5m.exe "-PRINTERNAMECanon i865" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon i865 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon i865 Installer\Inst2\cnmi040c.dll"

CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"

Canon Internet Library for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"

Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"

Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"

Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"

Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"

Canon Utilities CameraWindow DC-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDC\Uninst.ini"

Canon Utilities CameraWindow-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"

Canon Utilities Digital Photo Professional 3.2-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\Digital Photo Professional\Uninst.ini"

Canon Utilities EOS Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"

Canon Utilities MyCamera DC-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCameraDC\Uninst.ini"

Canon Utilities MyCamera-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCamera\Uninst.ini"

Canon Utilities Original Data Security Tools-->"C:\Program Files\Fichiers communs\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\Original Data Security Tools\Uninst.ini"

Canon Utilities PhotoStitch-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"

Canon Utilities Picture Style Editor-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\Picture Style Editor\Uninst.ini"

Canon Utilities RemoteCapture DC-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureDC\Uninst.ini"

Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"

Canon Utilities ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"

Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.3.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX MCU\Uninst.ini"

Card Reader Software-->MsiExec.exe /I{CFA9C1EE-8D76-477E-9E26-D24C26F11F47}

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

ContrastMaster 1.0-->"C:\Program Files\ContrastMaster\unins000.exe"

CopyRightLeft 0.4 Beta-->"E:\Program Files\CopyRightLeft\unins000.exe"

Corel Paint Shop Pro Photo X2-->MsiExec.exe /X{64E72FB1-2343-4977-B4A8-262CD53D0BD3}

Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Creative WebCam NX Ultra Driver (1.01.03.0112)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script Pd1120.uns -unsext NT -plugin P1120Pin.dll -pluginres P1120Pin.crl

Cube-->"E:\Program Files\Jeux\Cube\uninstall.exe"

Dassault Mercure-->E:\Program Files\Microsoft Games\Flight Simulator 9\Dassault Mercure.exe

DeMoirize-->E:\PROGRA~1\Adobe\ADOBEP~1\DEMOIR~1\UNWISE.EXE E:\PROGRA~1\Adobe\ADOBEP~1\DEMOIR~1\INSTALL.LOG

DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN

DOFMaster-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\DOFMaster\Uninst.isu"

DreamSuite Series2-->C:\WINDOWS\unvise32.exe C:\DS2Uninstall.log

DVD Audio Extractor 4.5.0-->"C:\Program Files\DVD Audio Extractor\unins000.exe"

DVDFab Platinum 3.1.4.0-->"C:\Program Files\DVDFab Platinum 3\unins000.exe"

DxO FilmPack 1.2.0-->MsiExec.exe /I{0D801AB5-6FAD-40D8-86CD-F7B8963B623A}

DxO Optics Pro 5.3.1-->MsiExec.exe /X{5A0D71BC-3AB0-4BC1-B241-CABE11EEE731}

DxO Optics Pro Photoshop Import Plugin 2.0-->MsiExec.exe /I{0D801AB5-0CA0-4471-B2B6-B9F4A363EE9F}

eMule-->"C:\Program Files\eMule\Uninstall.exe"

Eye-One Diagnostics-->"C:\Program Files\GretagMacbeth\i1\Eye-One Diagnostics\unins000.exe"

Eye-One Match 3.6.2-->"C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\unins000.exe"

Eye-One Share-->C:\PROGRA~1\GRETAG~1\i1\i1Share\UNWISE.EXE C:\PROGRA~1\GRETAG~1\i1\i1Share\INSTALL.LOG

F-14d_Tomcat&Porte_avion-->E:\Program Files\Microsoft Games\Flight Simulator 9\F-14d_Tomcat&Porte_avion.exe

falcon50-->E:\Program Files\Microsoft Games\Flight Simulator 9\falcon50.exe

Fallout 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x9 -removeonly

FastStone Image Viewer 3.6-->E:\Program Files\FastStone Image Viewer\uninst.exe

Filters Unlimited 2.0-->"E:\Program Files\Adobe\Adobe Photoshop CS3\Modules externes\Filters Unlimited 2.0\unins000.exe"

Fly The Learjet 60-->E:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe

Gadwin PrintScreen-->C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe

Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall

Graphics-Pad MD 41217-->Rmtablet USB

guinnessDropletSaver Screen Saver-->C:\WINDOWS\guinnessDropletSaver.scr /u

guinSaver Screen Saver-->C:\WINDOWS\guinSaver.scr /u

HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

HP Deskjet 5900 series-->C:\Program Files\HP\Digital Imaging\{79546A5F-AE7C-4693-8670-A3401B43ABD2}\setup\hpzscr01.exe -datfile hpfscr05.dat

HP Image Zone 5.0-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat

HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat

HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}

HP Scanjet G4000 series 8.0-->C:\Program Files\HP\Digital Imaging\{38D56396-298F-4874-B4EC-16B530B07879}\setup\hpzscr01.exe -datfile hpgscr17.dat

HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat

HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}

i1ColorPoint 1.0-->C:\PROGRA~1\GRETAG~1\i1\I1COLO~1\UNWISE.EXE C:\PROGRA~1\GRETAG~1\i1\I1COLO~1\INSTALL.LOG

IncrediMail-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log

INFORAD MANAGER 3.3-->"C:\Program Files\INFORAD\unins000.exe"

Intel® PRO Network Connections Drivers-->Prounstl.exe

Interlok driver setup x32-->MsiExec.exe /X{25613C10-27D2-410B-942B-D922D5C3A7BE}

IsoBuster 2.3-->"C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"

iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}

J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}

Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}

Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

Just Flight Traffic 2004 v1.01-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8652A40B-E11E-4A8C-BD41-D279363D1C32}\setup.exe" -l0x40c

Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Lightroom-->MsiExec.exe /I{D4134B0B-EA9B-4835-A77A-60BEE6277101}

Livebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe" -l0x40c

Ma-Config.com plugin-->MsiExec.exe /I{BC2D90DE-8D75-4DEB-8865-B4F710CD4ABA}

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Mask Pro 4.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2DFAC810-6DD8-4E23-96A4-BEB118408203}\setup.exe" -l0x9 -uninst -removeonly

Medal of Honor Airborne-->MsiExec.exe /X{25F28E39-FDBB-11DB-8314-0800200C9A66}

Medal of Honor Débarquement allié En Formation-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}\Setup.exe" -l0x40c

Medal of Honor Débarquement Allié l'Offensive-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}\Setup.exe" -l0x40c

Medal of Honor débarquement allié-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DEA94ED-915A-4834-A87E-388D012C8E02}\Setup.exe" -l0x40c

Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}

Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}

Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}

Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft ActiveSync 3.8-->"C:\WINDOWS\ISUN040C.EXE" -f"C:\Program Files\Microsoft ActiveSync\DeIsL1.isu" -c"C:\Program Files\Microsoft ActiveSync\ceuninst.dll"

Microsoft Combat Flight Simulator 2-->"C:\Program Files\Microsoft Games\Combat Flight Simulator 2\UNINSTAL.EXE" /runtemp /addremove

Microsoft Flight Simulator 2004 Un siècle d'aviation-->"E:\Program Files\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE" /runtemp /addremove

Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft Money-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office XP Professional-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0050048383C9}

Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"

Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe

MP Manager-->MsiExec.exe /X{F5ABDD2A-122C-4B61-8074-22E84D0F4B39}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}

Nature Illusion Studio-->"C:\Program Files\Nufsoft\NatureStudio\Uninstall.exe"

Navilog1 3.5.8-->"C:\Program Files\Navilog1\unins000.exe"

Nero 7 Premium-->MsiExec.exe /I{70AB1576-7883-2313-C650-7A71270B1036}

Noiseware Professional Plug-in-->MsiExec.exe /I{A0B70B7A-6698-4C79-8E32-EB13987066A3}

NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI

OCR Software by I.R.I.S 8.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat

Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall

Panel A380-->E:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe

Parlons Anglais 7.0-->C:\PROGRA~1\LSEF7\UNWISE.EXE C:\PROGRA~1\LSEF7\INSTALL.LOG

PD Particles-->C:\WINDOWS\ST5UNST.EXE -n "C:\Program Files\PD Particles\ST5UNST.LOG"

PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}

Perf2480P_2580P Guide de réf.-->C:\Program Files\EPSON\TPMANUAL\Perf2480P_2580P\REF_G\DOCUNINS.EXE

PhotoImpression 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66C8BE35-8BBB-472B-96C7-C7C9A499F988}\SETUP.EXE" -l0x40c

Photomatix Pro version 2.5.3-->"E:\Program Files\Photomatix\unins000.exe"

Photomatix Pro version 3.0.2-->"E:\Program Files\Photomatix\PhotomatixPro3\unins000.exe"

PMDG - MD -11-->E:\PROGRAM FILES\MICROSOFT GAMES\FLIGHT SIMULATOR 9\Uninstal.exe

Portrait Professional 6.3-->"E:\Program Files\Portrait Professional 6\unins000.exe"

PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"

Presto! BizCard 4.1 Fre-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\NewSoft\Presto! BizCard Fre\Uninst.isu"

ProShow Producer-->E:\Program Files\Photodex\ProShowProducer\proshow.exe . -u

QuickTime 3.0-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\QuickTime\DeIsL1.isu" -c"C:\WINDOWS\system32\QTUninst.dll

QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}

rafale-->E:\Program Files\Microsoft Games\Flight Simulator 9\rafale.exe

RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

REALVIZ Stitcher Unlimited 5.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF22E5F5-908B-42E3-A448-D74D42D5B290}\Setup.exe" -l0x40c UNINSTALL

RedShift 6 Découverte-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92B8D056-3B61-40E8-97B4-062BEAFFD7AB}\Setup.EXE" -l0x40c

RescuePRO Deluxe 4.0-->C:\WINDOWS\iun507.exe D:\Program Files\RescuePRO Deluxe\irunin.ini

Rockwell OV-10C Bronco-->E:\Program Files\Microsoft Games\Flight Simulator 9\Rockwell OV-10C Bronco.exe

ScanToWeb-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG

screensaver-->C:\WINDOWS\system32\screensaver.scr /u

Sketch-->"C:\Program Files\AKVIS\Sketch\Uninstall\Uninstall.exe" "C:\Program Files\AKVIS\Sketch\Uninstall\install.log" -u

Soldier of Fortune Payback-->MsiExec.exe /X{11BFB898-71E5-488A-A8FF-0E462667FB72}

Sony DVD Handycam USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6F845B05-8B76-4302-A808-7FB21E2BC5E6}\Setup.exe" UNINSTALL

Sony USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL

Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"

SST Programming Software-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{03ADCA1C-BCF0-4B12-AFCF-8EBF2CB3AB07}\setup.exe" AddRem

Styles XP (remove only)-->"C:\Program Files\tgtsoft\stylesxp\stylesxp-uninstall.exe"

Suppress plus 1.8-->"C:\Program Files\splus\unins000.exe"

TeLL me More-->"C:\TELL ME MORE SI\Bin\unsetup.exe" -file "C:\TELL ME MORE SI\unsetup.aui"

Texture Maker-->E:\Program Files\Texture Maker\uninstall.exe

The Ultimate American A300-600R Package-->E:\Program Files\Microsoft Games\Flight Simulator 9\Désinstaller The Ultimate American A300-600R Package.exe

Topaz Vivacity-->MsiExec.exe /I{C13A8E73-7E98-4295-BA94-6931701CD1F9}

Torture Cérébrale-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1D7CA81A-E1D8-4C8E-A98E-7EBE68B137EB}\setup.exe" -l0x40c -removeonly

Ultra Fractal 4.04-->C:\Program Files\Ultra Fractal 4\Uninst.exe

Uninstall DreamSuite-->C:\WINDOWS\unvise32.exe E:\Program Files\Adobe\Adobe Photoshop CS3\Modules externes\DreamSuite\DreamSuite Uninstall.log

Uninstall Mystical-->C:\WINDOWS\unvise32.exe e:\program files\adobe\adobe photoshop cs3\Mystical\Mystical Uninstall.log

Uninstall MysticalTTC-->C:\WINDOWS\unvise32.exe E:\PROGRAM FILES\ADOBE\ADOBE PHOTOSHOP CS3\MODULES EXTERNES\MysticalTTC\MysticalTTC Uninstall.log

UxTheme Multipatcher Fr-->C:\Program Files\UxTheme Multipatcher Fr\uninstall.exe

Vertus Fluid Mask 3 2.100.2-RC2-->"E:\Program Files\Vertus Fluid Mask 3\Uninstall.exe"

VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe

Visual C++ CRT 9.0-->MsiExec.exe /I{9ED38F62-7A50-4145-8C5D-0FCFFBF10A7B}

Vue 5 Infinite-->E:\Program Files\e-on software\Uninstall.exe

Vue 6 xStream 32bit-->E:\Program Files\e-on software\Vue 6 xStream\\Uninstall.exe

Vue 7-->E:\Program Files\e-on software\Vue 7\Uninstall.exe

waterzone-->E:\Program Files\Microsoft Games\Flight Simulator 9\waterzone.exe

Windows Internet Explorer 8 Beta 2-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

XSDrive Format Setup-->MsiExec.exe /I{845F2404-41D3-4573-8A2A-AE1544F42E43}

XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"

 

=====HijackThis Backups=====

 

O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.1.6.cab

 

======Security center information======

 

AV: Avira AntiVir PersonalEdition Classic

 

System event log

 

Computer Name: ALAIN

Event Code: 51

Message: Une erreur a été détectée sur le périphérique \Device\Harddisk3\D au cours d'une opération de pagination.

 

Record Number: 204023

Source Name: Disk

Time Written: 20081228013053.000000+060

Event Type: Avertissement

User:

 

Computer Name: ALAIN

Event Code: 51

Message: Une erreur a été détectée sur le périphérique \Device\Harddisk3\D au cours d'une opération de pagination.

 

Record Number: 204022

Source Name: Disk

Time Written: 20081228013053.000000+060

Event Type: Avertissement

User:

 

Computer Name: ALAIN

Event Code: 51

Message: Une erreur a été détectée sur le périphérique \Device\Harddisk3\D au cours d'une opération de pagination.

 

Record Number: 204021

Source Name: Disk

Time Written: 20081228013053.000000+060

Event Type: Avertissement

User:

 

Computer Name: ALAIN

Event Code: 51

Message: Une erreur a été détectée sur le périphérique \Device\Harddisk3\D au cours d'une opération de pagination.

 

Record Number: 204020

Source Name: Disk

Time Written: 20081228013053.000000+060

Event Type: Avertissement

User:

 

Computer Name: ALAIN

Event Code: 51

Message: Une erreur a été détectée sur le périphérique \Device\Harddisk3\D au cours d'une opération de pagination.

 

Record Number: 204019

Source Name: Disk

Time Written: 20081228013053.000000+060

Event Type: Avertissement

User:

 

Application event log

 

Computer Name: ALAIN

Event Code: 4096

Message: Le service AntiVir a bien démarré!

 

Record Number: 3468

Source Name: Avira AntiVir

Time Written: 20080430181757.000000+120

Event Type: Informations

User: AUTORITE NT\SYSTEM

 

Computer Name: ALAIN

Event Code: 1800

Message: Le service Centre de sécurité Windows a démarré.

 

Record Number: 3467

Source Name: SecurityCenter

Time Written: 20080428184913.000000+120

Event Type: Informations

User:

 

Computer Name: ALAIN

Event Code: 0

Message:

Record Number: 3466

Source Name: gusvc

Time Written: 20080428184909.000000+120

Event Type: Informations

User:

 

Computer Name: ALAIN

Event Code: 1

Message:

Record Number: 3465

Source Name: Bonjour Service

Time Written: 20080428184909.000000+120

Event Type: Informations

User:

 

Computer Name: ALAIN

Event Code: 4096

Message: Le service AntiVir a bien démarré!

 

Record Number: 3464

Source Name: Avira AntiVir

Time Written: 20080428184906.000000+120

Event Type: Informations

User: AUTORITE NT\SYSTEM

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QuickTime\QTSystem\

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 4, GenuineIntel

"PROCESSOR_REVISION"=0404

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

 

-----------------EOF-----------------

 

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Il y a plein de choses à faire.

Fan d'Adobe, lol. Espérons pour ta machine que ce soit sans cracks, sinon ça pourrait venir de là, l'infection.

 

Le logiciel qui suit n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.

Ne pas utiliser en dehors de ce cas de figure ou seul : dangereux.

 

Télécharge combofix.exe de sUBs et sauvegarde le sur ton bureau (et pas ailleurs).

  • Assure toi que tous les programmes sont fermés avant de commencer.
  • Double-clique combofix.exe afin de l'exécuter.
  • Clique sur "Oui" au message de Limitation de Garantie qui s'affiche.
  • Si on te propose de redémarrer parc qu'un rootkit a été trouvé, fais-le.
  • On va te proposer de télécharger et installer la console de récupération, clique sur "Oui" au message, autorise le téléchargement dans ton firewall si demandé, puis accepte le message de contrat utilisateur final.
  • Le bureau disparaît, c'est normal, et il va revenir.
  • Ne ferme pas la fenêtre qui s'ouvre, tu te retrouverais avec un bureau vide.
  • Lorsque l'analyse sera terminée, un rapport apparaîtra.
  • Copie-colle ce rapport dans ta prochaine réponse.
    Le rapport se trouve dans : C:\Combofix.txt (si jamais).

Fotomaximus Member

Fotomaximus

Posté(e)
  • Auteur
Posté(e)

Voici le rapport

 

 

ComboFix 09-01-21.04 - Al 2009-01-25 15:00:21.1 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.3071.2556 [GMT 1:00]

Lancé depuis: c:\documents and settings\Al\Bureau\ComboFix.exe

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\Al\Application Data\inst.exe

c:\program files\INSTALL.LOG

c:\windows\system32\drivers\npf.sys

c:\windows\system32\packet.dll

c:\windows\system32\wpcap.dll

E:\install.exe

 

.

((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Service_NPF

 

 

((((((((((((((((((((((((((((( Fichiers créés du 2008-12-25 au 2009-01-25 ))))))))))))))))))))))))))))))))))))

.

 

2009-01-25 14:35 . 2009-01-25 14:38 <REP> d-------- c:\documents and settings\All Users\Application Data\DxO_Labs

2009-01-25 13:48 . 2009-01-25 13:48 <REP> d-------- C:\rsit

2009-01-25 02:34 . 2009-01-25 02:34 <REP> d--hs---- c:\documents and settings\Al\PrivacIE

2009-01-25 02:25 . 2009-01-25 02:26 <REP> d--h-c--- c:\windows\ie8

2009-01-24 15:46 . 2009-01-24 15:46 <REP> d-------- c:\program files\Avira

2009-01-24 15:46 . 2009-01-24 15:46 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira

2009-01-24 08:56 . 2009-01-24 08:56 <REP> d-------- c:\program files\Trend Micro

2009-01-18 16:27 . 2009-01-18 16:31 <REP> d-------- c:\program files\splus

2009-01-18 16:27 . 2005-10-17 18:13 447,488 --a------ c:\windows\system32\splus.cpl

2009-01-17 17:24 . 2009-01-17 17:47 <REP> d-------- c:\documents and settings\Al\.gimp-2.6

2009-01-17 17:24 . 2009-01-17 17:24 <REP> d-------- c:\documents and settings\Al\.gegl-0.0

2009-01-17 16:30 . 2009-01-17 16:55 <REP> d-------- c:\documents and settings\All Users\AdobeTemp

2009-01-17 16:15 . 2009-01-17 16:16 <REP> d-------- c:\program files\Fichiers communs\Corel

2009-01-17 15:45 . 2009-01-18 20:18 2,828 --ahs---- c:\windows\system32\KGyGaAvL.sys

2009-01-17 15:45 . 2009-01-17 16:17 88 -r-hs---- c:\windows\system32\E86DFE1C4B.sys

2009-01-17 15:43 . 2009-01-17 15:43 <REP> d-------- c:\documents and settings\All Users\Application Data\Corel

2009-01-17 15:43 . 2009-01-17 15:45 <REP> d-------- c:\documents and settings\Al\Application Data\Corel

2009-01-17 14:49 . 2009-01-17 14:49 1,745,408 --a------ c:\windows\WD120VM.DLL

2009-01-17 14:49 . 2009-01-17 14:49 901,120 --a------ c:\windows\WD120COM.DLL

2009-01-17 14:49 . 2009-01-17 14:49 856,064 --a------ c:\windows\WD120IMG2.DLL

2009-01-17 14:49 . 2009-01-17 14:49 675,840 --a------ c:\windows\WD120IMG.DLL

2009-01-17 14:49 . 2009-01-17 14:49 496,640 --a------ c:\windows\WD120STD.DLL

2009-01-17 14:49 . 2009-01-17 14:49 397,312 --a------ c:\windows\WD120CPL.DLL

2009-01-17 14:49 . 2009-01-17 14:49 116,224 --a------ c:\windows\WD120TEST.DLL

2009-01-17 08:10 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2009-01-17 06:21 . 2009-01-17 06:21 <REP> d-------- C:\Battle of Britain II

2009-01-04 19:14 . 2009-01-04 19:15 <REP> d-------- c:\program files\Nufsoft

2009-01-04 10:30 . 2009-01-04 12:16 <REP> d-------- c:\documents and settings\Al\.dvdcss

2009-01-04 10:29 . 2009-01-04 10:29 <REP> d-------- c:\program files\DVD Audio Extractor

2009-01-04 08:31 . 2009-01-04 08:31 <REP> d-------- c:\documents and settings\All Users\Application Data\Fallout3

2009-01-04 08:29 . 2009-01-04 08:29 <REP> d-------- c:\windows\system32\xlive

2009-01-02 19:06 . 2009-01-02 19:06 <REP> d-------- c:\program files\PowerISO

2009-01-02 10:56 . 2009-01-02 10:56 <REP> d-------- c:\documents and settings\Al\Application Data\FastStone

2009-01-01 12:46 . 2009-01-01 12:46 <REP> d-------- C:\~QTWTMP.TMP

2009-01-01 12:46 . 2009-01-01 12:46 824 --a------ c:\windows\QT$INST$.~32

2009-01-01 12:38 . 2009-01-01 12:46 140 --a------ c:\windows\DIAMAR.INI

2009-01-01 12:37 . 1996-05-08 15:14 289,280 --a------ c:\windows\uninst.exe

2008-12-30 22:29 . 2008-12-30 22:29 <REP> d-------- c:\program files\Saitek

2008-12-30 22:29 . 2004-07-20 12:01 163,840 --a------ c:\windows\system32\PrfAct.exe

2008-12-30 22:29 . 2004-07-20 11:54 147,456 --a------ c:\windows\system32\SAICFG.dll

2008-12-30 22:29 . 2004-07-20 12:01 122,880 --a------ c:\windows\system32\Nx.exe

2008-12-30 22:29 . 2002-01-05 11:18 84,992 --a------ c:\windows\system32\atl70.dll

2008-12-30 22:29 . 2004-07-20 12:01 45,056 --a------ c:\windows\system32\SAIKICK.dll

2008-12-30 22:29 . 2004-07-20 12:04 45,056 --a------ c:\windows\system32\SAIHOOK.dll

2008-12-30 22:29 . 2004-07-20 12:01 40,960 --a------ c:\windows\system32\REnum.exe

2008-12-30 22:29 . 2004-07-20 11:53 26,752 --a------ c:\windows\system32\drivers\SaiNtBus.sys

2008-12-30 22:29 . 2004-07-20 11:53 15,616 --a------ c:\windows\system32\drivers\SaiMini.sys

2008-12-30 20:10 . 2008-12-30 20:10 <REP> d-------- c:\program files\BUFFALO

2008-12-30 20:09 . 2008-12-30 20:09 <REP> d-------- c:\program files\Memeo

2008-12-30 20:09 . 2008-12-30 20:09 <REP> d-------- c:\documents and settings\All Users\Application Data\Tanagra

2008-12-28 10:57 . 2003-04-16 01:10 110,592 --a------ c:\windows\system32\tsccvid.dll

2008-12-28 10:56 . 2008-12-28 10:56 <REP> d-------- c:\program files\XviD

2008-12-27 12:04 . 2009-01-17 07:29 2,511,872 --a------ c:\windows\RUN323.DLL

2008-12-27 12:04 . 2009-01-17 07:29 1,745,408 --a------ c:\windows\RUN321.DLL

2008-12-27 12:04 . 2009-01-17 07:29 901,120 --a------ c:\windows\RUN322.DLL

2008-12-27 12:04 . 2009-01-17 07:29 856,064 --a------ c:\windows\RUN327.DLL

2008-12-27 12:04 . 2009-01-17 07:29 675,840 --a------ c:\windows\RUN326.DLL

2008-12-27 12:04 . 2009-01-17 07:29 496,640 --a------ c:\windows\RUN324.DLL

2008-12-27 12:04 . 2009-01-17 07:29 397,312 --a------ c:\windows\RUN325.DLL

2008-12-27 12:04 . 2009-01-17 07:29 116,224 --a------ c:\windows\RUN32TEST.DLL

2008-12-27 08:41 . 2008-10-24 11:22 5,497,480 --a------ c:\windows\Adobe Photoshop CS4 Extended x32 and x64 with Activation_crack_multilanguage_tested_ok.exe

2008-12-25 18:54 . 2008-12-25 18:54 <REP> d-------- c:\program files\uTorrent

2008-12-25 18:53 . 2009-01-18 15:11 <REP> d-------- c:\documents and settings\Al\Application Data\uTorrent

2008-12-25 15:39 . 2008-12-25 15:39 <REP> d-------- c:\program files\Adobe Media Player

2008-12-25 15:33 . 2008-12-25 15:33 <REP> d-------- c:\program files\Fichiers communs\Adobe AIR

2008-12-25 12:45 . 2008-12-25 12:45 <REP> d-------- c:\program files\Seagate

2008-12-25 12:45 . 2008-12-25 12:45 <REP> d-------- c:\documents and settings\All Users\Application Data\Seagate

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-25 08:25 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-01-25 00:54 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater

2009-01-18 22:37 38,112 ----a-w c:\documents and settings\Al\Application Data\GDIPFONTCACHEV1.DAT

2009-01-18 03:54 --------- d-----w c:\documents and settings\Al\Application Data\bibble

2009-01-18 02:07 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP

2009-01-17 16:00 --------- d-----w c:\program files\Fichiers communs\Adobe

2009-01-17 14:33 --------- d-----w c:\documents and settings\Al\Application Data\U3

2009-01-17 13:32 --------- d-----w c:\program files\DOFMaster

2009-01-17 08:45 --------- d-----w c:\program files\Ultra Fractal 4

2009-01-17 07:10 --------- d-----w c:\program files\Malwarebytes' Anti-Malware

2009-01-17 02:31 --------- d-----w c:\program files\eMule

2009-01-15 16:43 --------- d-----w c:\program files\CCleaner

2009-01-14 15:11 15,504 ----a-w c:\windows\system32\drivers\mbam.sys

2009-01-04 07:31 --------- d--h--w c:\program files\InstallShield Installation Information

2009-01-01 12:50 --------- d-----w c:\program files\Microsoft Games

2008-12-27 07:43 856,064 ----a-w c:\windows\SP53.DLL

2008-12-27 07:43 675,840 ----a-w c:\windows\SP96.DLL

2008-12-27 07:43 397,312 ----a-w c:\windows\SP88.DLL

2008-12-27 07:43 364,544 ----a-w c:\windows\SP86.DLL

2008-12-27 07:43 2,511,872 ----a-w c:\windows\WD120OBJ.DLL

2008-12-27 07:43 116,224 ----a-w c:\windows\SP44.DLL

2008-12-27 07:43 110,592 ----a-w c:\windows\WD120OLE.DLL

2008-12-27 07:42 901,120 ----a-w c:\windows\SP25.DLL

2008-12-27 07:42 496,640 ----a-w c:\windows\SP45.DLL

2008-12-27 07:42 1,745,408 ----a-w c:\windows\SP12.DLL

2008-12-21 17:17 --------- d-----w c:\program files\Google

2008-12-17 19:27 --------- d-----w c:\documents and settings\Al\Application Data\e-on software

2008-12-15 08:58 --------- d-----w c:\program files\Apple Software Update

2008-12-15 08:57 --------- d-----w c:\program files\iTunes

2008-12-15 08:57 --------- d-----w c:\program files\iPod

2008-12-15 08:57 --------- d-----w c:\program files\Fichiers communs\Apple

2008-12-15 08:57 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

2008-12-15 08:56 --------- d-----w c:\program files\Bonjour

2008-12-15 08:55 --------- d-----w c:\program files\QuickTime

2008-12-13 13:04 --------- d-----w c:\documents and settings\Al\Application Data\ZoomBrowser EX

2008-12-12 15:18 --------- d-----w c:\program files\Java

2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys

2008-12-06 17:21 --------- d-----w c:\program files\Activision

2008-12-06 14:26 --------- d-----w c:\program files\Fichiers communs\Bibble Labs

2008-11-30 14:08 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard

2008-11-30 14:08 --------- d-----w c:\program files\AI Traffic Mover

2008-11-30 10:45 --------- d-----w c:\program files\IncrediMail

2008-11-30 09:02 --------- d-----w c:\documents and settings\Al\Application Data\CameraWindowDC

2008-11-20 17:06 1,328 ----a-w C:\FSUIPC_reg.bin

2008-10-26 09:42 5,607 ----a-w c:\windows\~GLH0003.TMP

2008-10-26 09:42 26,624 ----a-w c:\windows\~GLH0002.TMP

2008-10-26 09:42 155,136 ----a-w c:\windows\~GLC0001.TMP

2008-06-08 11:04 796 --sh--w c:\documents and settings\Al\Application Data\_mslock.dat

2007-12-25 10:51 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat

2007-10-27 13:13 47,360 ----a-w c:\documents and settings\Al\Application Data\pcouffin.sys

2008-03-09 14:20 119 --sh--w c:\windows\cnerolf.dat

2008-10-04 15:10 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008100420081005\index.dat

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-04-21 94208]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-27 68856]

"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\WCESCOMM.EXE" [2005-01-19 405583]

"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2007-08-20 495616]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 2097488]

"MsgCenterExe"="c:\program files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" [2008-07-12 69632]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe_ID0EYTHM"="c:\progra~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 1884160]

"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]

"Acrobat Assistant 8.0"="e:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-10-14 623992]

"SetIcon"="\Program Files\SMSC\Seticon.exe" [2004-04-02 46080]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-12 136600]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]

"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-08-09 221184]

"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"Adobe Photo Downloader"="e:\program files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe" [2008-04-01 61440]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]

"Profiler"="c:\program files\Saitek\Software\Profiler.exe" [2004-07-20 159744]

"SaiSmart"="c:\program files\Saitek\Software\SaiSmart.exe" [2004-07-20 98304]

"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-11-02 167936]

"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]

"Corel Photo Downloader"="c:\program files\Fichiers communs\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2007-08-28 531272]

"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 c:\windows\system32\HdAShCut.exe]

"atwtusb"="atwtusb.exe" [2002-11-21 c:\windows\system32\atwtusb.exe]

"nwiz"="nwiz.exe" [2008-05-16 c:\windows\system32\nwiz.exe]

"RTHDCPL"="RTHDCPL.EXE" [2005-06-29 c:\windows\RTHDCPL.EXE]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

c:\documents and settings\Al\Menu D‚marrer\Programmes\D‚marrage\

BUFFALO NAS Navigator.lnk - c:\program files\BUFFALO\NASNAVI\NasNavi.exe [2008-12-30 1238432]

Memeo AutoBackup Launcher.lnk - c:\program files\Memeo\AutoBackup\MemeoLauncher.exe [2007-04-07 199704]

NAS Scheduler.lnk - c:\program files\BUFFALO\NASNAVI\nassche.exe [2008-12-30 200704]

 

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\

Logo Calibration Loader.lnk - c:\program files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe [2007-12-10 708608]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

ProfileReminder.lnk - c:\program files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe [2007-12-10 954368]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"MSACM.CEGSM"= mobilev.acm

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@=""

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]

--a------ 2008-06-12 13:28 266497 c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Fichiers communs\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=

"e:\\Program Files\\e-on software\\Vue 6 xStream\\Application\\Vue 6 xStream.eon"=

"c:\\Program Files\\eMule\\emule.exe"=

"e:\\Program Files\\Jeux\\EA GAMES\\MOHDA\\MOHAA.exe"=

"e:\\Program Files\\Jeux\\EA GAMES\\MOHDA\\moh_spearhead.exe"=

"e:\\Program Files\\Jeux\\EA GAMES\\MOHDA\\moh_Breakthrough.exe"=

"c:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"=

"c:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"=

"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=

"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=

"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=

"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=

"e:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"=

"c:\\WINDOWS\\system32\\dpnsvr.exe"=

"e:\\Program Files\\Activision Value\\Soldier of Fortune Payback\\sof3.exe"=

"c:\\Program Files\\DNA\\btdna.exe"=

"c:\\Program Files\\IncrediMail\\bin\\ImLc.exe"=

"c:\\Program Files\\IncrediMail\\bin\\ImPackr.exe"=

"e:\\Program Files\\Microsoft Games\\Flight Simulator 9\\FS9-1NoCD.EXE"=

"c:\\Program Files\\Ultra Fractal 4\\Uf4.exe"=

"c:\\Program Files\\Activision Value\\Battle for the Pacific\\bftp.exe"=

"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Electronic Arts\\Medal of Honor Airborne\\UnrealEngine3\\Binaries\\MOHA.exe"=

"e:\\Program Files\\e-on software\\Application\\Vue 5 Infinite.eon"=

"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=

"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server

"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server

"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server

"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

"51869:TCP"= 51869:TCP:Emule2

"1845:UDP"= 1845:UDP:Windows Media Format SDK (IEXPLORE.EXE)

"1844:UDP"= 1844:UDP:Windows Media Format SDK (IEXPLORE.EXE)

 

R0 sonypvl2;sonypvl2;c:\windows\system32\drivers\sonypvl2.sys [2008-01-22 19478]

R1 sonypvf2;sonypvf2;c:\windows\system32\drivers\sonypvf2.sys [2008-01-22 635012]

R1 sonypvt2;sonypvt2;c:\windows\system32\drivers\sonypvt2.sys [2008-01-22 431236]

R3 P1120VID;Creative WebCam NX Ultra;c:\windows\system32\drivers\P1120Vid.sys [2004-01-12 1252474]

R4 NasPmService;NAS PM Service;c:\program files\BUFFALO\NASNAVI\nassvc.exe -Service_Execute -dcyc=60 -dto=3 -dluc=0 -dmin=1 -dmax=60 -dflc=0 -apc=0 -log=0 -pm=1 -pall=1 -phttp=0 -pbc=0 -ppro=0 -pcyc=0 -pmin=1 -pmax=60 -pflc=0 --> c:\program files\BUFFALO\NASNAVI\nassvc.exe -Service_Execute -dcyc=60 -dto=3 -dluc=0 -dmin=1 -dmax=60 -dflc=0 -apc=0 -log=0 -pm=1 -pall=1 -phttp=0 -pbc=0 -ppro=0 -pcyc=0 -pmin=1 -pmax=60 -pflc=0 [?]

R4 PDIHWCTL;PDIHWCTL;c:\windows\system32\drivers\pdihwctl.sys [2007-12-10 14416]

S3 eyeonedp;eye-one display;c:\windows\system32\drivers\EyeOneDp.sys [2007-12-10 44344]

S3 i1display;i1 Display;c:\windows\system32\drivers\i1display.sys [2008-11-09 44344]

S3 imhidusb;Immersion's HID USB Driver;c:\windows\system32\drivers\imhidusb.sys [2008-12-30 30984]

S3 SaiHFFB5;SaiHFFB5;c:\windows\system32\drivers\SaiHFFB5.sys [2008-12-30 56576]

S4 P1C1394;Phase One 1394 Camera Driver;c:\windows\system32\Drivers\p1c1394.sys --> c:\windows\system32\Drivers\p1c1394.sys [?]

.

Contenu du dossier 'Tâches planifiées'

 

2008-12-15 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

 

2009-01-25 c:\windows\Tasks\HPpromotions journeysoftware.job

- c:\program files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 17:36]

 

2009-01-25 c:\windows\Tasks\User_Feed_Synchronization-{97A10ED4-7245-475B-B83B-51000F2468F6}.job

- c:\windows\system32\msfeedssync.exe [2008-08-22 03:05]

.

- - - - ORPHELINS SUPPRIMES - - - -

 

HKCU-Run-AdobeBridge - (no file)

HKLM-Run-Video File - ldc26.exe

HKLM-RunServices-Video File - ldc26.exe

Notify-AtiExtEvent - (no file)

 

 

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://www.google.fr/

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Add animation to IncrediMail Style Box - c:\progra~1\INCRED~1\bin\resources\WebMenuImg.htm

IE: Ajouter au fichier PDF existant - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convertir en Adobe PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir la cible du lien en Adobe PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir la cible du lien en un fichier PDF existant - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convertir la sélection en Adobe PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convertir la sélection en un fichier PDF existant - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convertir les liens sélectionnés en fichier Adobe PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convertir les liens sélectionnés en un fichier PDF existant - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000

Trusted Zone: maris.com\www.redshift

DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://charon777.free.fr/plugins/hardwaredetection_2_0_4_10.cab

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-25 15:09:21

Windows 5.1.2600 Service Pack 3 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

 

**************************************************************************

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_LOCAL_MACHINE\software\Adobe\Premiere Pro\2.0\DefaultPreset]

@DACL=(02 0000)

@="DV - PAL\\Standard 48kHz.prpreset"

 

[HKEY_LOCAL_MACHINE\software\Adobe\Premiere Pro\2.0\Help]

@DACL=(02 0000)

"Support"="http://www.adobe.fr/support/main.html"

"Search"="e:\\Program Files\\Adobe\\Adobe Premiere Pro 2.0\\Help\\search.html"

"Keyboard"="e:\\Program Files\\Adobe\\Adobe Premiere Pro 2.0\\Help\\1_21_0_0.html"

"HowToUse"="e:\\Program Files\\Adobe\\Adobe Premiere Pro 2.0\\Help\\0_0_0_0.html"

"ExportToDVD"="e:\\Program Files\\Adobe\\Adobe Premiere Pro 2.0\\Help\\1_19_2_0.html"

"AdobeMediaEncoder"="e:\\Program Files\\Adobe\\Adobe Premiere Pro 2.0\\Help\\1_0_0_0.html"

"Contents"="e:\\Program Files\\Adobe\\Adobe Premiere Pro 2.0\\Help\\1_0_0_0.html"

"Registration"="\"http://store.adobe.com/cgi-bin/WebObjects/WEC?pageID=RegMp1\""

.

------------------------ Autres processus actifs ------------------------

.

c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe

c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe

c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

c:\program files\BUFFALO\NASNAVI\nassvc.exe

c:\windows\system32\nvsvc32.exe

c:\windows\system32\HPZipm12.exe

c:\program files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe

c:\windows\system32\PSIService.exe

e:\program files\Photodex\ProShowProducer\scsiaccess.exe

c:\program files\Canon\CAL\CALMAIN.exe

c:\windows\system32\wscntfy.exe

c:\program files\SMSC\SetIcon.exe

c:\windows\system32\tblmouse.exe

c:\windows\system32\rundll32.exe

c:\program files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

c:\program files\iPod\bin\iPodService.exe

.

**************************************************************************

.

Heure de fin: 2009-01-25 15:15:23 - La machine a redémarré [Al]

ComboFix-quarantined-files.txt 2009-01-25 14:14:05

 

Avant-CF: 8,971,243,520 octets libres

Après-CF: 9,407,971,328 octets libres

 

Current=3 Default=3 Failed=0 LastKnownGood=4 Sets=1,2,3,4

334 --- E O F --- 2009-01-16 02:03:51

Falkra Devil Member !

Falkra

Posté(e)
Posté(e)

Quand on parle de cracks...

c:\windows\Adobe Photoshop CS4 Extended x32 and x64 with Activation_crack_multilanguage_tested_ok.exe
Maintenant la plupart sont infectés, pas étonnant que tu récoltes des bestioles... débarrasse toi de ces saletés si tu ne veux pas réinfecter la machine dans 48h. :P

 

Poste un nouveau rapport HijackThis stp.

Fotomaximus Member

Fotomaximus

Posté(e)
  • Auteur
Posté(e)

Le voici...

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:56:44, on 25/01/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18241)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\BUFFALO\NASNAVI\nassvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe

C:\WINDOWS\system32\PSIService.exe

E:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\system32\wscntfy.exe

E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Program Files\SMSC\Seticon.exe

C:\WINDOWS\system32\TBLMOUSE.EXE

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Saitek\Software\Profiler.exe

C:\Program Files\Saitek\Software\SaiSmart.exe

C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [setIcon] \Program Files\SMSC\Seticon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "E:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe

O4 - HKLM\..\Run: [saiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Fichiers communs\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: BUFFALO NAS Navigator.lnk = C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe

O4 - Startup: Memeo AutoBackup Launcher.lnk = C:\Program Files\Memeo\AutoBackup\MemeoLauncher.exe

O4 - Startup: NAS Scheduler.lnk = C:\Program Files\BUFFALO\NASNAVI\nassche.exe

O4 - Global Startup: Logo Calibration Loader.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: ProfileReminder.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe

O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm

O8 - Extra context menu item: Ajouter au fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll

O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: http://www.redshift.maris.com

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwared...on_2_0_4_10.cab

O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - http://www.photodex.com/pxplay.cab

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)

O23 - Service: MEMEOI~1|Memeo AutoBackup (BMUService) - Memeo - C:\Program Files\Memeo\AutoBackup\MemeoService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NAS PM Service (NasPmService) - BUFFALO INC. - C:\Program Files\BUFFALO\NASNAVI\nassvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

O23 - Service: ScsiAccess - Unknown owner - E:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe

 

--

End of file - 14135 bytes

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...