Trop de publicités lorsque j'ouvre une page internet sur mon PC

Thanos · le 9 septembre 2009

salut

j'ai telechargé antivir

Tu as remplacé AVG par Antivir ? (une bonne idée!) Par contre si c'est juste pour scanner le pc, il faut en désinstaller un car il y a de forts risques de plantage\ralentissements.

Pour ce qui est du scan sur VirusTotal, il arrive parfois que le service soit saturé. Dans ce cas, il faut recommencer plus tard.

As tu utilisé le fichier UITool3-420.zip pour nettoyer les restes de F-Secure ?

pacha26 · le 10 septembre 2009

salut

Tu as remplacé AVG par Antivir ? (une bonne idée!) Par contre si c'est juste pour scanner le pc, il faut en désinstaller un car il y a de forts risques de plantage\ralentissements.

Pour ce qui est du scan sur VirusTotal, il arrive parfois que le service soit saturé. Dans ce cas, il faut recommencer plus tard.

As tu utilisé le fichier UITool3-420.zip pour nettoyer les restes de F-Secure ?

bonjour

oui j'ai utilisé le fichier UITool3-420.zip

mon pc rame grave les pages s'ouvre au ralenti il y'a un espéce de sacagement de page....

j'ai desinstallé avg a la place antivir

aucune amélioration de la vitesse

pacha26 · le 10 septembre 2009

bonjour
oui j'ai utilisé le fichier UITool3-420.zip

mon pc rame grave les pages s'ouvre au ralenti il y'a un espéce de sacagement de page....

j'ai desinstallé avg a la place antivir

aucune amélioration de la vitesse

j'ai utilisé virustotal ;message; fichier introuvable!!

Thanos · le 10 septembre 2009

salut

Poste voir un nouveau rapport Gmer stp

pacha26 · le 10 septembre 2009

salut

Poste voir un nouveau rapport Gmer stp

voila le rap:

GMER 1.0.15.15077 [gmer.exe] - http://www.gmer.net

Rootkit scan 2009-09-10 13:18:18

Windows 5.1.2600 Service Pack 3

---- System - GMER 1.0.15 ----

SSDT BAED2DE6 ZwCreateKey

SSDT BAED2DDC ZwCreateThread

SSDT BAED2DEB ZwDeleteKey

SSDT BAED2DF5 ZwDeleteValueKey

SSDT sppm.sys ZwEnumerateKey [0xBA6C7CA2]

SSDT sppm.sys ZwEnumerateValueKey [0xBA6C8030]

SSDT BAED2DFA ZwLoadKey

SSDT sppm.sys ZwOpenKey [0xBA6AA0C0]

SSDT BAED2DC8 ZwOpenProcess

SSDT BAED2DCD ZwOpenThread

SSDT sppm.sys ZwQueryKey [0xBA6C8108]

SSDT sppm.sys ZwQueryValueKey [0xBA6C7F88]

SSDT BAED2E04 ZwReplaceKey

SSDT BAED2DFF ZwRestoreKey

SSDT BAED2DF0 ZwSetValueKey

SSDT BAED2DD7 ZwTerminateProcess

INT 0x62 ? 8A5E5BF8

INT 0x73 ? 8A597BF8

INT 0x74 ? 8A597BF8

INT 0x84 ? 8A597BF8

INT 0xB4 ? 8A597BF8

---- Kernel code sections - GMER 1.0.15 ----

? sppm.sys Le fichier spécifié est introuvable. !

.text USBPORT.SYS!DllUnload BA1808AC 5 Bytes JMP 8A5971D8

.text afvwgv26.SYS BA0AF384 1 Byte [20]

.text afvwgv26.SYS BA0AF384 37 Bytes [20, 00, 00, 68, 00, 00, 00, ...]

.text afvwgv26.SYS BA0AF3AA 24 Bytes [00, 00, 20, 00, 00, E0, 00, ...]

.text afvwgv26.SYS BA0AF3C4 3 Bytes [00, 00, 00]

.text afvwgv26.SYS BA0AF3C9 1 Byte [00]

.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!LoadResource 7C80A055 7 Bytes JMP 28001E20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!FindResourceExW 7C80AD28 7 Bytes JMP 28001C60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!FindResourceW 7C80BC6E 7 Bytes JMP 28001BE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!SizeofResource 7C80BD09 7 Bytes JMP 28001EE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!FindResourceA 7C80BF29 7 Bytes JMP 28001CF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!LockResource 7C80CD37 5 Bytes JMP 28001F50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!CreateEventA 7C8308B5 5 Bytes JMP 28001840 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!FindResourceExA 7C835FA8 7 Bytes JMP 28001D80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] ADVAPI32.dll!CryptDeriveKey 77DB9FFD 7 Bytes JMP 28001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] ADVAPI32.dll!CryptDecrypt 77DBA129 7 Bytes JMP 28001060 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!GetWindowLongW 7E3988A6 7 Bytes JMP 28006B00 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!PeekMessageW 7E39929B 5 Bytes JMP 280046C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!SetWindowPlacement 7E39DE46 5 Bytes JMP 28005EA0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!CreateDialogParamW 7E39EA3B 5 Bytes JMP 28006120 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!LoadImageW 7E3A7B97 5 Bytes JMP 28006770 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 28003CF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!SetWindowRgn 7E3AE528 7 Bytes JMP 28005FE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!LoadIconW 7E3AE8BC 5 Bytes JMP 28006960 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 28006310 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!TrackPopupMenuEx 7E3ECF62 5 Bytes JMP 28004FA0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WS2_32.dll!closesocket 719F3E2B 5 Bytes JMP 2800BB90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WS2_32.dll!send 719F4C27 5 Bytes JMP 2800B770 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WS2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 2800B550 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WS2_32.dll!recv 719F676F 5 Bytes JMP 2800B3B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WS2_32.dll!WSASend 719F68FA 5 Bytes JMP 2800B950 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] SHELL32.dll!Shell_NotifyIconW 7CA3A5BF 5 Bytes JMP 28003440 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] ole32.dll!CoInitializeEx 774BEF7B 5 Bytes JMP 28002260 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] ole32.dll!CoCreateInstance 774C057E 5 Bytes JMP 28002600 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] ole32.dll!CoRegisterClassObject 774D7E90 5 Bytes JMP 28002360 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WININET.dll!InternetReadFile 404B654B 5 Bytes JMP 2800A3B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WININET.dll!InternetCloseHandle 404B9088 5 Bytes JMP 2800A560 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WININET.dll!HttpOpenRequestA 404BD508 5 Bytes JMP 2800A220 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WININET.dll!HttpSendRequestA 404CEE81 5 Bytes JMP 2800A490 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D851FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 40E59521 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!CallNextHookEx 7E3AB3C6 5 Bytes JMP 40E4CB69 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5D3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 40DC43F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F53C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F53B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F53BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F53A13 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F53A75 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F53C73 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F53AD7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] ole32.dll!CoCreateInstance 774C057E 5 Bytes JMP 40E5D408 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] ole32.dll!OleLoadFromStream 774E9C85 5 Bytes JMP 40F53F78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D851FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5D3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F53C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F53B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F53BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F53A13 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F53A75 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F53C73 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F53AD7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D851FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 40E59521 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!CallNextHookEx 7E3AB3C6 5 Bytes JMP 40E4CB69 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5D3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 40DC43F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F53C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F53B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F53BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F53A13 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F53A75 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F53C73 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F53AD7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] ole32.dll!CoCreateInstance 774C057E 5 Bytes JMP 40E5D408 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] ole32.dll!OleLoadFromStream 774E9C85 5 Bytes JMP 40F53F78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D851FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 40E59521 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!CallNextHookEx 7E3AB3C6 5 Bytes JMP 40E4CB69 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5D3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 40DC43F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F53C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F53B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F53BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F53A13 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F53A75 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F53C73 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F53AD7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] ole32.dll!CoCreateInstance 774C057E 5 Bytes JMP 40E5D408 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] ole32.dll!OleLoadFromStream 774E9C85 5 Bytes JMP 40F53F78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [bA6AB046] sppm.sys

IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [bA6AB142] sppm.sys

IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [bA6AB0C4] sppm.sys

IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [bA6AB7CE] sppm.sys

IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [bA6AB6A4] sppm.sys

IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [bA6B6D7A] sppm.sys

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!KfAcquireSpinLock] 00000034

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!READ_PORT_UCHAR] 0000008E

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!KeGetCurrentIrql] 00000043

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!KfRaiseIrql] 00000044

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!KfLowerIrql] 000000C4

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!HalGetInterruptVector] 000000DE

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!HalTranslateBusAddress] 000000E9

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!KeStallExecutionProcessor] 000000CB

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!KfReleaseSpinLock] 00000054

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 0000007B

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!READ_PORT_USHORT] 00000094

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 00000032

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!WRITE_PORT_UCHAR] 000000A6

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[WMILIB.SYS!WmiSystemControl] 00000023

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[WMILIB.SYS!WmiCompleteRequest] 0000003D

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Internet Explorer\iexplore.exe[3224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [003F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3996] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [003F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[4068] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [003F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8898E1F8

Device \FileSystem\Fastfat \FatCdrom 8A5E41F8

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Driver\usbuhci \Device\USBPDO-0 8A57A1F8

Device \Driver\NetBT \Device\NetBT_Tcpip_{7689186F-F83D-4413-8AED-37877445DD99} 895AE1F8

Device \Driver\usbuhci \Device\USBPDO-1 8A57A1F8

Device \Driver\usbuhci \Device\USBPDO-2 8A57A1F8

Device \Driver\sptd \Device\1644309528 sppm.sys

Device \Driver\usbehci \Device\USBPDO-3 8A5791F8

Device \Driver\usbuhci \Device\USBPDO-4 8A57A1F8

Device \Driver\PCI_PNP3278 \Device\00000055 sppm.sys

Device \Driver\NetBT \Device\NetBT_Tcpip_{76FD8F72-25C8-41EE-AB2F-8923437E8BF1} 895AE1F8

AttachedDevice \Driver\Tcpip \Device\Tcp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)

Device \Driver\Ftdisk \Device\HarddiskVolume1 8A6541F8

Device \Driver\Ftdisk \Device\HarddiskVolume2 8A6541F8

Device \Driver\Cdrom \Device\CdRom0 8A3CB1F8

Device \Driver\Cdrom \Device\CdRom1 8A3CB1F8

Device \Driver\atapi \Device\Ide\IdePort0 8A5838E0

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 8A5838E0

Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c 8A5838E0

Device \Driver\NetBT \Device\NetBt_Wins_Export 895AE1F8

Device \Driver\NetBT \Device\NetbiosSmb 895AE1F8

Device \Driver\NetBT \Device\NetBT_Tcpip_{8DFC1167-823A-4063-B79A-A9EE84DD6B61} 895AE1F8

Device \Driver\usbuhci \Device\USBFDO-0 8A57A1F8

Device \Driver\usbuhci \Device\USBFDO-1 8A57A1F8

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 89574500

Device \Driver\usbuhci \Device\USBFDO-2 8A57A1F8

Device \FileSystem\MRxSmb \Device\LanmanRedirector 89574500

Device \Driver\usbuhci \Device\USBFDO-3 8A57A1F8

Device \Driver\usbehci \Device\USBFDO-4 8A5791F8

Device \Driver\Ftdisk \Device\FtControl 8A6541F8

Device \Driver\afvwgv26 \Device\Scsi\afvwgv261Port1Path0Target0Lun0 8A3C81F8

Device \Driver\afvwgv26 \Device\Scsi\afvwgv261Port1Path0Target0Lun0 8A442DB0

Device \Driver\afvwgv26 \Device\Scsi\afvwgv261 8A3C81F8

Device \Driver\afvwgv26 \Device\Scsi\afvwgv261 8A442DB0

Device \FileSystem\Fastfat \Fat 8A5E41F8

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Cdfs \Cdfs 888F6500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 52\

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x0A 0x61 0xE3 0xD4 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x2B 0x03 0x74 0xE9 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x6F 0x89 0xDD 0x00 ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 52\

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x0A 0x61 0xE3 0xD4 ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x2B 0x03 0x74 0xE9 ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x6F 0x89 0xDD 0x00 ...

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 52\

---- EOF - GMER 1.0.15 ----

pacha26 · le 11 septembre 2009

voila le rap:

GMER 1.0.15.15077 [gmer.exe] - http://www.gmer.net

Rootkit scan 2009-09-10 13:18:18

Windows 5.1.2600 Service Pack 3

---- System - GMER 1.0.15 ----

SSDT BAED2DE6 ZwCreateKey

SSDT BAED2DDC ZwCreateThread

SSDT BAED2DEB ZwDeleteKey

SSDT BAED2DF5 ZwDeleteValueKey

SSDT sppm.sys ZwEnumerateKey [0xBA6C7CA2]

SSDT sppm.sys ZwEnumerateValueKey [0xBA6C8030]

SSDT BAED2DFA ZwLoadKey

SSDT sppm.sys ZwOpenKey [0xBA6AA0C0]

SSDT BAED2DC8 ZwOpenProcess

SSDT BAED2DCD ZwOpenThread

SSDT sppm.sys ZwQueryKey [0xBA6C8108]

SSDT sppm.sys ZwQueryValueKey [0xBA6C7F88]

SSDT BAED2E04 ZwReplaceKey

SSDT BAED2DFF ZwRestoreKey

SSDT BAED2DF0 ZwSetValueKey

SSDT BAED2DD7 ZwTerminateProcess

INT 0x62 ? 8A5E5BF8

INT 0x73 ? 8A597BF8

INT 0x74 ? 8A597BF8

INT 0x84 ? 8A597BF8

INT 0xB4 ? 8A597BF8

---- Kernel code sections - GMER 1.0.15 ----

? sppm.sys Le fichier spécifié est introuvable. !

.text USBPORT.SYS!DllUnload BA1808AC 5 Bytes JMP 8A5971D8

.text afvwgv26.SYS BA0AF384 1 Byte [20]

.text afvwgv26.SYS BA0AF384 37 Bytes [20, 00, 00, 68, 00, 00, 00, ...]

.text afvwgv26.SYS BA0AF3AA 24 Bytes [00, 00, 20, 00, 00, E0, 00, ...]

.text afvwgv26.SYS BA0AF3C4 3 Bytes [00, 00, 00]

.text afvwgv26.SYS BA0AF3C9 1 Byte [00]

.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!LoadResource 7C80A055 7 Bytes JMP 28001E20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!FindResourceExW 7C80AD28 7 Bytes JMP 28001C60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!FindResourceW 7C80BC6E 7 Bytes JMP 28001BE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!SizeofResource 7C80BD09 7 Bytes JMP 28001EE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!FindResourceA 7C80BF29 7 Bytes JMP 28001CF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!LockResource 7C80CD37 5 Bytes JMP 28001F50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!CreateEventA 7C8308B5 5 Bytes JMP 28001840 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] kernel32.dll!FindResourceExA 7C835FA8 7 Bytes JMP 28001D80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] ADVAPI32.dll!CryptDeriveKey 77DB9FFD 7 Bytes JMP 28001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] ADVAPI32.dll!CryptDecrypt 77DBA129 7 Bytes JMP 28001060 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!GetWindowLongW 7E3988A6 7 Bytes JMP 28006B00 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!PeekMessageW 7E39929B 5 Bytes JMP 280046C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!SetWindowPlacement 7E39DE46 5 Bytes JMP 28005EA0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!CreateDialogParamW 7E39EA3B 5 Bytes JMP 28006120 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!LoadImageW 7E3A7B97 5 Bytes JMP 28006770 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 28003CF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!SetWindowRgn 7E3AE528 7 Bytes JMP 28005FE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!LoadIconW 7E3AE8BC 5 Bytes JMP 28006960 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 28006310 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] USER32.dll!TrackPopupMenuEx 7E3ECF62 5 Bytes JMP 28004FA0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WS2_32.dll!closesocket 719F3E2B 5 Bytes JMP 2800BB90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WS2_32.dll!send 719F4C27 5 Bytes JMP 2800B770 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WS2_32.dll!WSARecv 719F4CB5 5 Bytes JMP 2800B550 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WS2_32.dll!recv 719F676F 5 Bytes JMP 2800B3B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WS2_32.dll!WSASend 719F68FA 5 Bytes JMP 2800B950 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] SHELL32.dll!Shell_NotifyIconW 7CA3A5BF 5 Bytes JMP 28003440 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] ole32.dll!CoInitializeEx 774BEF7B 5 Bytes JMP 28002260 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] ole32.dll!CoCreateInstance 774C057E 5 Bytes JMP 28002600 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] ole32.dll!CoRegisterClassObject 774D7E90 5 Bytes JMP 28002360 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WININET.dll!InternetReadFile 404B654B 5 Bytes JMP 2800A3B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WININET.dll!InternetCloseHandle 404B9088 5 Bytes JMP 2800A560 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WININET.dll!HttpOpenRequestA 404BD508 5 Bytes JMP 2800A220 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2776] WININET.dll!HttpSendRequestA 404CEE81 5 Bytes JMP 2800A490 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D851FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 40E59521 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!CallNextHookEx 7E3AB3C6 5 Bytes JMP 40E4CB69 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5D3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 40DC43F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F53C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F53B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F53BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F53A13 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F53A75 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F53C73 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F53AD7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] ole32.dll!CoCreateInstance 774C057E 5 Bytes JMP 40E5D408 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3224] ole32.dll!OleLoadFromStream 774E9C85 5 Bytes JMP 40F53F78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D851FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5D3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F53C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F53B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F53BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F53A13 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F53A75 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F53C73 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3980] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F53AD7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D851FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 40E59521 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!CallNextHookEx 7E3AB3C6 5 Bytes JMP 40E4CB69 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5D3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 40DC43F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F53C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F53B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F53BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F53A13 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F53A75 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F53C73 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F53AD7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] ole32.dll!CoCreateInstance 774C057E 5 Bytes JMP 40E5D408 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[3996] ole32.dll!OleLoadFromStream 774E9C85 5 Bytes JMP 40F53F78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D851FD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 40E59521 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!CallNextHookEx 7E3AB3C6 5 Bytes JMP 40E4CB69 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5D3AC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 40DC43F6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F53C10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F53B42 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F53BAD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F53A13 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F53A75 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F53C73 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F53AD7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] ole32.dll!CoCreateInstance 774C057E 5 Bytes JMP 40E5D408 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

.text C:\Program Files\Internet Explorer\iexplore.exe[4068] ole32.dll!OleLoadFromStream 774E9C85 5 Bytes JMP 40F53F78 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [bA6AB046] sppm.sys

IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [bA6AB142] sppm.sys

IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [bA6AB0C4] sppm.sys

IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [bA6AB7CE] sppm.sys

IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [bA6AB6A4] sppm.sys

IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [bA6B6D7A] sppm.sys

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!KfAcquireSpinLock] 00000034

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!READ_PORT_UCHAR] 0000008E

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!KeGetCurrentIrql] 00000043

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!KfRaiseIrql] 00000044

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!KfLowerIrql] 000000C4

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!HalGetInterruptVector] 000000DE

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!HalTranslateBusAddress] 000000E9

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!KeStallExecutionProcessor] 000000CB

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!KfReleaseSpinLock] 00000054

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 0000007B

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!READ_PORT_USHORT] 00000094

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 00000032

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[HAL.dll!WRITE_PORT_UCHAR] 000000A6

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[WMILIB.SYS!WmiSystemControl] 00000023

IAT \SystemRoot\System32\Drivers\afvwgv26.SYS[WMILIB.SYS!WmiCompleteRequest] 0000003D

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Internet Explorer\iexplore.exe[3224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [003F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[3996] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [003F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

IAT C:\Program Files\Internet Explorer\iexplore.exe[4068] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [003F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8898E1F8

Device \FileSystem\Fastfat \FatCdrom 8A5E41F8

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Driver\usbuhci \Device\USBPDO-0 8A57A1F8

Device \Driver\NetBT \Device\NetBT_Tcpip_{7689186F-F83D-4413-8AED-37877445DD99} 895AE1F8

Device \Driver\usbuhci \Device\USBPDO-1 8A57A1F8

Device \Driver\usbuhci \Device\USBPDO-2 8A57A1F8

Device \Driver\sptd \Device\1644309528 sppm.sys

Device \Driver\usbehci \Device\USBPDO-3 8A5791F8

Device \Driver\usbuhci \Device\USBPDO-4 8A57A1F8

Device \Driver\PCI_PNP3278 \Device\00000055 sppm.sys

Device \Driver\NetBT \Device\NetBT_Tcpip_{76FD8F72-25C8-41EE-AB2F-8923437E8BF1} 895AE1F8

AttachedDevice \Driver\Tcpip \Device\Tcp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)

Device \Driver\Ftdisk \Device\HarddiskVolume1 8A6541F8

Device \Driver\Ftdisk \Device\HarddiskVolume2 8A6541F8

Device \Driver\Cdrom \Device\CdRom0 8A3CB1F8

Device \Driver\Cdrom \Device\CdRom1 8A3CB1F8

Device \Driver\atapi \Device\Ide\IdePort0 8A5838E0

Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 8A5838E0

Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c 8A5838E0

Device \Driver\NetBT \Device\NetBt_Wins_Export 895AE1F8

Device \Driver\NetBT \Device\NetbiosSmb 895AE1F8

Device \Driver\NetBT \Device\NetBT_Tcpip_{8DFC1167-823A-4063-B79A-A9EE84DD6B61} 895AE1F8

Device \Driver\usbuhci \Device\USBFDO-0 8A57A1F8

Device \Driver\usbuhci \Device\USBFDO-1 8A57A1F8

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 89574500

Device \Driver\usbuhci \Device\USBFDO-2 8A57A1F8

Device \FileSystem\MRxSmb \Device\LanmanRedirector 89574500

Device \Driver\usbuhci \Device\USBFDO-3 8A57A1F8

Device \Driver\usbehci \Device\USBFDO-4 8A5791F8

Device \Driver\Ftdisk \Device\FtControl 8A6541F8

Device \Driver\afvwgv26 \Device\Scsi\afvwgv261Port1Path0Target0Lun0 8A3C81F8

Device \Driver\afvwgv26 \Device\Scsi\afvwgv261Port1Path0Target0Lun0 8A442DB0

Device \Driver\afvwgv26 \Device\Scsi\afvwgv261 8A3C81F8

Device \Driver\afvwgv26 \Device\Scsi\afvwgv261 8A442DB0

Device \FileSystem\Fastfat \Fat 8A5E41F8

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Cdfs \Cdfs 888F6500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 52\

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x0A 0x61 0xE3 0xD4 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x2B 0x03 0x74 0xE9 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x6F 0x89 0xDD 0x00 ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 52\

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x0A 0x61 0xE3 0xD4 ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x2B 0x03 0x74 0xE9 ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x6F 0x89 0xDD 0x00 ...

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 52\

---- EOF - GMER 1.0.15 ----

bonjour

c'est de plus en plus lent le pc est complétement plombé.......HELP!!!

Thanos · le 11 septembre 2009

salut

Est ce que tu peux refaire un scan RSIT, mais juste poster le rapport log.txt stp ? il y a un élément qui peutexpliquer cette lenteur soudaine.

pacha26 · le 11 septembre 2009

salut

Est ce que tu peux refaire un scan RSIT, mais juste poster le rapport log.txt stp ? il y a un élément qui peutexpliquer cette lenteur soudaine.

info.txt logfile of random's system information tool 1.06 2009-09-11 12:58:15

======Uninstall list======

-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu

-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL

-->C:\WINDOWS\UNNMP.exe /UNINSTALL

-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DD4F051C-1A2B-4A91-B187-B093C597418C}\SETUP.EXE" -l0x40c anything

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

3GP Video Converter 3-->C:\Program Files\ImTOO\3GP Video Converter 3\Uninstall.exe

Logfile of random's system information tool 1.06 (written by random/random)

Run by PACHA at 2009-09-11 12:57:37

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 12 GB (21%) free of 57 GB

Total RAM: 2047 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:58:13, on 11/09/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\RocketDock\RocketDock.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\PACHA\Local Settings\Temporary Internet Files\Content.IE5\ZVPPKM8X\RSIT[1].exe

C:\Program Files\Trend Micro\HijackThis\PACHA.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.free.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"

O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

--

End of file - 8484 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{BA72ADC1-A0D9-4FAB-8F45-7E5F70B0E960}.job

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\GlaryInitialize.job

C:\WINDOWS\tasks\Google Software Updater.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{79D9A124-6176-4124-8D5F-6990D9C450E5}.job

C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-10 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-10 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-23 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-23 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2005-12-28 569413]

"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-12-28 602182]

"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-12-28 667718]

"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-06-19 68592]

"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-09-10 3885408]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]

C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2007-12-22 221056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update]

C:\Program Files\ASUS\ASUS Live Update\ALU.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-12 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]

C:\Program Files\DNA\btdna.exe [2008-11-26 342336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]

C:\WINDOWS\sm56hlpr.exe [2005-05-26 544768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]

C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2008-07-10 397312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-23 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-10-20 761945]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WireLessMouse]

C:\Program Files\Multimedia Mouse Driver\StartAutorun.exe [2005-11-30 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^ASUS ChkMail.lnk]

C:\PROGRA~1\Asus\ASUSCH~1\ChkMail.exe [2003-09-12 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^PACHA^Menu Démarrer^Programmes^Démarrage^StarOffice 8.lnk]

C:\PROGRA~1\Sun\STAROF~1\program\QUICKS~1.EXE [2008-01-21 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2005-12-20 48128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=67108863

"NoDriveTypeAutoRun"=323

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=

"NoDriveTypeAutoRun"=

"NoDrives"=

"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe"="C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe:*:Enabled:Antivirus Firewall"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"

"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

"D:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="D:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"

"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"

"C:\WINDOWS\System32\PnkBstrA.exe"="C:\WINDOWS\System32\PnkBstrA.exe:*:Enabled:PnkBstrA"

"C:\WINDOWS\System32\PnkBstrB.exe"="C:\WINDOWS\System32\PnkBstrB.exe:*:Enabled:PnkBstrB"

"D:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="D:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty® - World at War"

"D:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="D:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty® - World at War"

"D:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe"="D:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"

"D:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="D:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"

"D:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="D:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editeur"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"

"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"

"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

"C:\Documents and Settings\PACHA\Bureau\ANIMOTICON\1 mcoinstall.exe"="C:\Documents and Settings\PACHA\Bureau\ANIMOTICON\1 mcoinstall.exe:*:Enabled:1 mcoinstall"

"C:\WINDOWS\System32\dpvsetup.exe"="C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

"C:\WINDOWS\System32\rundll32.exe"="C:\WINDOWS\System32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"

"C:\mcoinstall.exe"="C:\mcoinstall.exe:*:Enabled:mcoinstall"

"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:*:Enabled:CLI Application (Command Line Interface)"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\TVAnts\Tvants.exe"="C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\Zattoo\zattood.exe"="C:\Program Files\Zattoo\zattood.exe:*:Enabled:zattood"

"C:\Program Files\Ray-Ban Agenda\rbagenda.exe"="C:\Program Files\Ray-Ban Agenda\rbagenda.exe:*:Enabled:rbagenda"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe"="C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe:*:Enabled:Antivirus Firewall"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-09-11 12:57:37 ----D---- C:\rsit

2009-09-10 10:43:02 ----HD---- C:\WINDOWS\$hf_mig$

2009-09-09 14:05:46 ----D---- C:\Program Files\Avira

2009-09-09 14:05:46 ----D---- C:\Documents and Settings\All Users\Application Data\Avira

2009-09-09 11:32:05 ----D---- C:\WINDOWS\BDOSCAN8

2009-09-04 14:35:54 ----D---- C:\Program Files\Fichiers communs\SWF Studio

2009-09-04 11:04:30 ----D---- C:\Program Files\Search Guard PlusU

2009-09-04 11:04:30 ----D---- C:\Program Files\Search Guard Plus

2009-09-01 13:00:37 ----D---- C:\Documents and Settings\PACHA\Application Data\Serif

2009-09-01 12:10:34 ----D---- C:\Program Files\GIMP-2.0

2009-09-01 11:53:12 ----D---- C:\Documents and Settings\PACHA\Application Data\InspireSoft

2009-09-01 11:47:46 ----D---- C:\Documents and Settings\PACHA\Application Data\Blender Foundation

2009-09-01 11:38:45 ----A---- C:\WINDOWS\Graphex3.ini

2009-09-01 11:38:19 ----D---- C:\Program Files\Graphex3

2009-09-01 11:38:10 ----A---- C:\WINDOWS\unin040c.exe

2009-08-31 18:56:04 ----HD---- C:\WINDOWS\msdownld.tmp

2009-08-31 18:52:30 ----HD---- C:\WINDOWS\ie8

2009-08-28 13:54:48 ----D---- C:\Documents and Settings\PACHA\Application Data\Windows Live Writer

======List of files/folders modified in the last 1 months======

2009-09-10 19:40:08 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-09-10 17:15:26 ----A---- C:\WINDOWS\wincmd.ini

2009-09-10 10:41:22 ----RASH---- C:\boot.ini

2009-09-10 10:41:22 ----A---- C:\WINDOWS\win.ini

2009-09-10 10:41:20 ----A---- C:\WINDOWS\system.ini

2009-09-07 16:44:16 ----A---- C:\WINDOWS\NeroDigital.ini

2009-08-31 13:08:42 ----A---- C:\cleannavi.txt

2009-08-28 23:38:20 ----A---- C:\WINDOWS\system32\MRT.exe

2009-08-28 10:35:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]

R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-09-10 28520]

R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]

R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-09-23 21275]

R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-09-10 55656]

R2 CamthWDM;WebcamMax, WDM Video Capture; C:\WINDOWS\system32\DRIVERS\CamthWDM.sys [2008-02-09 941784]

R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]

R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-12-28 13568]

R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-12-20 1419264]

R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]

R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-07 3959808]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]

R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]

R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-07-12 51328]

R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]

R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]

R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2005-05-26 839724]

R3 SynMini;USB2.0 1.3M Web Cam; C:\WINDOWS\System32\Drivers\SynMini.sys [2005-10-03 720470]

R3 SynScan;USB2.0 1.3M Web Cam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2005-10-03 8278]

R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-10-20 191936]

R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-11-24 47104]

R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-11-22 108800]

R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2005-09-15 36480]

R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2005-12-01 62848]

R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]

R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2005-11-15 36736]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-05 1428096]

S3 abpi0nkt;abpi0nkt; C:\WINDOWS\system32\drivers\abpi0nkt.sys []

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-12-11 10976]

S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2008-12-11 22368]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]

S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]

S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]

S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1018bus.sys [2008-06-04 90408]

S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys [2008-06-04 15016]

S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1018mdm.sys [2008-06-04 122024]

S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys [2008-06-04 115368]

S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1018nd5.sys [2008-06-04 25768]

S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1018obex.sys [2008-06-04 111784]

S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1018unic.sys [2008-06-04 117544]

S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]

S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-11-11 52864]

S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []

S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]

S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]

S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]

S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-09-10 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-09-10 185089]

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-12-20 405504]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-12-28 114753]

R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-06-12 111928]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-12-28 217164]

R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-12-28 540745]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-19 182768]

S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]

S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-24 29744]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]

S3 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]

S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-06-12 66872]

S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]

S3 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\WINDOWS\system32\sfrem01.exe [2006-05-10 353912]

S3 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2007-05-28 275968]

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Reader 9.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}

Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe

Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

Asus ChkMail-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Asus\Asus ChkMail\Uninst.isu"

Asus_A_Series_ScreenSaver-->C:\WINDOWS\ASUS A Series ScreenSaver Uninstaller.exe

ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe

ATI Catalyst Control Center-->MsiExec.exe /I{F4582820-D4A2-4F60-8761-B0D93723FE97}

ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

ATI Parental Control & Encoder-->MsiExec.exe /I{90437E5F-0A9E-4B63-AD8B-D232897D18BF}

ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe

Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\setup.exe -runfromtemp -l0x040c -removeonly

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE

Bluetooth Stack for Windows-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}

Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}

Call of Duty® - World at War-->C:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x040c

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"

Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}

CueClub-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\Real\RealGames\CueClub\setup.exe"

dBpoweramp m4a Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp m4a Codec.dat

dBpoweramp Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat

DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN

eMule-->"C:\Program Files\eMule\Uninstall.exe"

Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x040c -removeonly

FlatOut2-->MsiExec.exe /I{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}

Free Mp3 Wma Converter V 1.7.3-->"C:\Program Files\Free Audio Pack\unins000.exe"

Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}

Glary Utilities 2.7.268-->"C:\Program Files\Glary Utilities\unins000.exe"

Google Chrome-->"C:\Program Files\Google\Chrome\Application\1.0.154.53\Installer\setup.exe" --uninstall --system-level

Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Google Earth-->MsiExec.exe /X{548EAC70-EE00-11DD-908C-005056806466}

HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe

Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}

iTunes-->MsiExec.exe /I{5D601655-6D54-4384-B52C-17EC5385FBBD}

Java 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}

Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}

K-Lite Codec Pack 2.74 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Logiciel Intel® PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}

mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}

mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}

mEoU-->MsiExec.exe /I{B502B428-3386-40A9-98DB-079AAB72E64F}

Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"

mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}

Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 French Language Pack-->MsiExec.exe /X{E3C080B0-23F5-49AF-89F8-8E8DBC89E659}

Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}

Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL

Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"

Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"

Mise à jour pour Windows Internet Explorer 8 (KB973874)-->"C:\WINDOWS\ie8updates\KB973874-IE8\spuninst\spuninst.exe"

mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}

mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}

mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}

Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe

Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 French Language Pack\setup.exe

Monopoly Deluxe-->"C:\Program Files\Zylom Games\Monopoly Deluxe\GameInstlr.exe" --uninstall UnInstall.log

Motorola SM56 Data Fax Modem-->C:\WINDOWS\Motorola\SMSERIAL\sm56unst.exe

Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}

mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}

mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}

MSN Polygamy 8.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{952DEE45-7C0B-4CDF-80B3-D14BE6B02678}\Setup.exe"

MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}

Multimedia Mouse Driver-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B8C11C23-F46C-48C1-8EA8-CEA82115586A} /l1036

mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}

mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}

mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}

Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""

Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall

Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe

PC Connectivity Solution-->MsiExec.exe /I{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}

Picasa 3-->"C:\Program Files\Picasa2\Uninstall.exe"

Power4 Gear-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4462AD13-F2AA-4CBD-9F95-293C38EED870}\setup.exe" -l0x9

PowerQuest PartitionMagic 8.0 Demo-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}

Pro Evolution Soccer 2008-->C:\Program Files\InstallShield Installation Information\{2FDFD600-7338-4738-90D5-FC4ACA08DC36}\setup.exe -runfromtemp -l0x040c

Pro Evolution Soccer 2009-->MsiExec.exe /X{A8DB611A-D80E-450D-85F6-3ACDD164BE31}

PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u

QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly

REALTEK PCIE NIC Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}\setup.exe" -l0x40c REMOVE

RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"

Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}

Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}

Security Update for 2007 Microsoft Office System (KB960003)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft Office Excel 2007 (KB959997)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}

Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}

Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}

Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}

Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}

Security Update for Outlook 2007 (KB946983)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}

Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

Sony Ericsson PC Suite 4.005.00-->C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe -runfromtemp -l0x040c -removeonly

SopCast 2.0.4-->C:\Program Files\SopCast\uninst.exe

Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}

Spybot - Search & Destroy-->"C:\Documents and Settings\PACHA\Mes documents\Spybot - Search & Destroy\unins000.exe"

StarOffice 8-->MsiExec.exe /I{009D5105-14DB-4FF9-A9DA-EC28C88472D7}

Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe

TVAnts 1.0-->C:\PROGRA~1\TVANTS\UNWISE.EXE C:\PROGRA~1\TVANTS\INSTALL.LOG

Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Office 2007 (KB934391)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}

Update for Outlook 2007 Junk Email Filter (kb973514)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {03B11C77-336F-43B4-9B43-79890BA84504}

USB2.0 1.3M Web Cam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A87869D7-B133-498C-A347-D9BE109FF6C8}\Setup.exe" -l0x40c

VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}

Virtua Tennis 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9B63540D-D942-4C38-B42E-A48AE0145970}\setup.exe" -l0x40c -removeonly

VSO Image Resizer 2.1.8.2-->"C:\Program Files\VSO\Image Resizer\unins000.exe"

WebcamMax-->"C:\Program Files\WebcamMax\uninst.exe"

Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"

Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}

Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}

Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}

Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}

Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}

Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Presentation Foundation Language Pack (FRA)-->MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494}

Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}

Windows Workflow Foundation FR Language Pack-->MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836}

WinFlash-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9

WinFlip 0.50-->C:\Program Files\WinFlip\Uninstall.exe

Wireless Console 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\setup.exe" -l0x9 -removeonly

=====HijackThis Backups=====

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-08-28]

======Hosts File======

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

127.0.0.1 032439.com

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: PAT

Event Code: 7035

Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).

Record Number: 49331

Source Name: Service Control Manager

Time Written: 20090828110120.000000+120

Event Type: Informations

User: AUTORITE NT\SYSTEM

Computer Name: PAT

Event Code: 4

Message: Le pilote a détecté une erreur interne dans ses structures de données pour .

Record Number: 49330

Source Name: sptd

Time Written: 20090828110059.000000+120

Event Type: erreur

User:

Computer Name: PAT

Event Code: 6005

Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 49329

Source Name: EventLog

Time Written: 20090828110044.000000+120

Event Type: Informations

User:

Computer Name: PAT

Event Code: 6009

Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 3 Multiprocessor Free.

Record Number: 49328

Source Name: EventLog

Time Written: 20090828110044.000000+120

Event Type: Informations

User:

Computer Name: PAT

Event Code: 6006

Message: Le service d'Enregistrement d'événement a été arrêté.

Record Number: 49327

Source Name: EventLog

Time Written: 20090828105906.000000+120

Event Type: Informations

User:

=====Application event log=====

Computer Name: PAT

Event Code: 1102

Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Succesfully compiled: System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Record Number: 6150

Source Name: .NET Runtime Optimization Service

Time Written: 20090426121426.000000+120

Event Type:

User:

Computer Name: PAT

Event Code: 1100

Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Began compiling: System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Record Number: 6149

Source Name: .NET Runtime Optimization Service

Time Written: 20090426121426.000000+120

Event Type: Informations

User:

Computer Name: PAT

Event Code: 1102

Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Succesfully compiled: System.Security, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a

Record Number: 6148

Source Name: .NET Runtime Optimization Service

Time Written: 20090426121426.000000+120

Event Type:

User:

Computer Name: PAT

Event Code: 1100

Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Began compiling: System.Security, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a

Record Number: 6147

Source Name: .NET Runtime Optimization Service

Time Written: 20090426121426.000000+120

Event Type: Informations

User:

Computer Name: PAT

Event Code: 1102

Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Succesfully compiled: System.Data.SqlXml, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Record Number: 6146

Source Name: .NET Runtime Optimization Service

Time Written: 20090426121426.000000+120

Event Type:

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\QuickTime\QTSystem;C:\Program Files\ATI Technologies\ATI.ACE;C:\Program Files\ATI Technologies\ATI.ACE\;C:\Program Files\QuickTime\QTSystem\

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel

"PROCESSOR_REVISION"=0e08

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Thanos · le 11 septembre 2009

salut

Retente stp un scan en ligne mais de ce fichier >> C:\WINDOWS\System32\Drivers\afvwgv26.SYS

Est ce que tu as installé un programme depuis le début de notre discussion ? (peut être un conflit entre deux progs).

J'ai pensé un moment que l'espace disque était peut être insuffisant sur ton pc (ce qui aurait pu expliquer ces ralentissements), mais il dispose de 12 GB.

pacha26 · le 11 septembre 2009

salut

Retente stp un scan en ligne mais de ce fichier >> C:\WINDOWS\System32\Drivers\afvwgv26.SYS

Est ce que tu as installé un programme depuis le début de notre discussion ? (peut être un conflit entre deux progs).

J'ai pensé un moment que l'espace disque était peut être insuffisant sur ton pc (ce qui aurait pu expliquer ces ralentissements), mais il dispose de 12 GB.

je suis désolé ca me mets fichier introuvable ....trés frustrant

Connexion

Pas encore inscrit ?

Trop de publicités lorsque j'ouvre une page internet sur mon PC

Messages recommandés

Thanos

pacha26

pacha26

Thanos

pacha26

pacha26

Thanos

pacha26

Thanos

pacha26

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer